Analysis
-
max time kernel
34s -
max time network
142s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
24/08/2024, 22:40
General
-
Target
53f0b05520c996ae0e00438b06fdf1f1815491f61762df0efde8ba575089e29f.exe
-
Size
212KB
-
MD5
a8e04f5e6b0db1bc3bed94fbbe96563d
-
SHA1
fdd5870b444b912605df785af7ec1d52b2581b16
-
SHA256
53f0b05520c996ae0e00438b06fdf1f1815491f61762df0efde8ba575089e29f
-
SHA512
635730afb305f831fc6a3c044aa06dce4d1a378d7a0786134080af6867be37613bc28c26340ae2e82ca8c364820d12fb41d81dacf424d4b018256bc449bf87e1
-
SSDEEP
1536:qeT7BVwxfvEFwjRCeT75eT7BVwxfUtwxfUF3hPrBHfofga45J7p+XI:qmVwRKCC6mVwRUtwRU/rrP7YY
Score
10/10
Malware Config
Signatures
-
Modifies visibility of file extensions in Explorer 2 TTPs 64 IoCs
-
Executes dropped EXE 64 IoCs
-
UPX packed file 64 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Network Share Discovery 1 TTPs
Attempt to gather information on host network.
-
Drops file in Program Files directory 64 IoCs
-
Drops file in Windows directory 49 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 64 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 4 IoCs
Adversaries may check for Internet connectivity on compromised systems.
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
System policy modification 1 TTPs 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\53f0b05520c996ae0e00438b06fdf1f1815491f61762df0efde8ba575089e29f.exe"C:\Users\Admin\AppData\Local\Temp\53f0b05520c996ae0e00438b06fdf1f1815491f61762df0efde8ba575089e29f.exe"1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\{B1FB863D-D034-41C0-8B47-12E921C0AB9B}\backup.exeC:\Users\Admin\AppData\Local\Temp\{B1FB863D-D034-41C0-8B47-12E921C0AB9B}\backup.exe C:\Users\Admin\AppData\Local\Temp\{B1FB863D-D034-41C0-8B47-12E921C0AB9B}\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\backup.exe\backup.exe \3⤵
- Executes dropped EXE
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\PerfLogs\backup.exeC:\PerfLogs\backup.exe C:\PerfLogs\4⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\backup.exe"C:\Program Files\backup.exe" C:\Program Files\4⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\7-Zip\data.exe"C:\Program Files\7-Zip\data.exe" C:\Program Files\7-Zip\5⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\7-Zip\Lang\backup.exe"C:\Program Files\7-Zip\Lang\backup.exe" C:\Program Files\7-Zip\Lang\6⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\Common Files\backup.exe"C:\Program Files\Common Files\backup.exe" C:\Program Files\Common Files\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\DESIGNER\update.exe"C:\Program Files\Common Files\DESIGNER\update.exe" C:\Program Files\Common Files\DESIGNER\6⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\backup.exe"C:\Program Files\Common Files\microsoft shared\backup.exe" C:\Program Files\Common Files\microsoft shared\6⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\microsoft shared\ClickToRun\backup.exe"C:\Program Files\Common Files\microsoft shared\ClickToRun\backup.exe" C:\Program Files\Common Files\microsoft shared\ClickToRun\7⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\7⤵
- Executes dropped EXE
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\microsoft shared\ink\ar-SA\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\ar-SA\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\ar-SA\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\bg-BG\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\bg-BG\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\bg-BG\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\da-DK\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\da-DK\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\da-DK\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\de-DE\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\de-DE\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\de-DE\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\el-GR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\el-GR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\el-GR\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\en-GB\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\en-GB\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\en-GB\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\en-US\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\en-US\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\en-US\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\es-ES\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\es-ES\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\es-ES\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\es-MX\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\es-MX\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\es-MX\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\et-EE\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\et-EE\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\et-EE\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\fi-FI\data.exe"C:\Program Files\Common Files\microsoft shared\ink\fi-FI\data.exe" C:\Program Files\Common Files\microsoft shared\ink\fi-FI\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\fr-CA\update.exe"C:\Program Files\Common Files\microsoft shared\ink\fr-CA\update.exe" C:\Program Files\Common Files\microsoft shared\ink\fr-CA\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\fr-FR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fr-FR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fr-FR\8⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\8⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\auxpad\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\auxpad\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\auxpad\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\insert\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\insert\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\insert\9⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\data.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\data.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\9⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\9⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskclearui\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskclearui\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskclearui\9⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskmenu\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskmenu\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskmenu\9⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknav\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknav\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknav\9⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknumpad\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknumpad\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknumpad\9⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskpred\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskpred\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskpred\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\symbols\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\symbols\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\symbols\9⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Program Files\Common Files\microsoft shared\ink\he-IL\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\he-IL\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\he-IL\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\hr-HR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\hr-HR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\hr-HR\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\hu-HU\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\hu-HU\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\hu-HU\8⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\Common Files\microsoft shared\ink\HWRCustomization\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\HWRCustomization\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\HWRCustomization\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\microsoft shared\ink\it-IT\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\it-IT\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\it-IT\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\ja-JP\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\ja-JP\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\ja-JP\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\ko-KR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\ko-KR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\ko-KR\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\LanguageModel\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\LanguageModel\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\LanguageModel\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\lt-LT\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\lt-LT\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\lt-LT\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\microsoft shared\ink\lv-LV\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\lv-LV\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\lv-LV\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\nb-NO\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\nb-NO\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\nb-NO\8⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\Common Files\microsoft shared\ink\nl-NL\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\nl-NL\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\nl-NL\8⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\Common Files\microsoft shared\ink\pl-PL\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\pl-PL\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\pl-PL\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\microsoft shared\ink\pt-BR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\pt-BR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\pt-BR\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\pt-PT\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\pt-PT\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\pt-PT\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\ro-RO\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\ro-RO\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\ro-RO\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\ru-RU\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\ru-RU\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\ru-RU\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\sk-SK\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\sk-SK\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\sk-SK\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\sl-SI\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\sl-SI\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\sl-SI\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\sr-Latn-RS\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\sr-Latn-RS\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\sr-Latn-RS\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\sv-SE\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\sv-SE\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\sv-SE\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\microsoft shared\ink\th-TH\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\th-TH\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\th-TH\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\tr-TR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\tr-TR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\tr-TR\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\microsoft shared\ink\uk-UA\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\uk-UA\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\uk-UA\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\zh-CN\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\zh-CN\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\zh-CN\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\zh-TW\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\zh-TW\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\zh-TW\8⤵
-
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\8⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\es-ES\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\es-ES\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\es-ES\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\fr-FR\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\fr-FR\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\fr-FR\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\it-IT\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\it-IT\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\it-IT\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\ja-JP\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\ja-JP\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\ja-JP\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\uk-UA\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\uk-UA\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\uk-UA\8⤵
-
-
-
C:\Program Files\Common Files\microsoft shared\OFFICE16\backup.exe"C:\Program Files\Common Files\microsoft shared\OFFICE16\backup.exe" C:\Program Files\Common Files\microsoft shared\OFFICE16\7⤵
- System policy modification
-
C:\Program Files\Common Files\microsoft shared\OFFICE16\Office Setup Controller\data.exe"C:\Program Files\Common Files\microsoft shared\OFFICE16\Office Setup Controller\data.exe" C:\Program Files\Common Files\microsoft shared\OFFICE16\Office Setup Controller\8⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\backup.exe"C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\backup.exe" C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\7⤵
-
-
C:\Program Files\Common Files\microsoft shared\Source Engine\backup.exe"C:\Program Files\Common Files\microsoft shared\Source Engine\backup.exe" C:\Program Files\Common Files\microsoft shared\Source Engine\7⤵
-
-
C:\Program Files\Common Files\microsoft shared\Stationery\backup.exe"C:\Program Files\Common Files\microsoft shared\Stationery\backup.exe" C:\Program Files\Common Files\microsoft shared\Stationery\7⤵
-
-
C:\Program Files\Common Files\microsoft shared\TextConv\backup.exe"C:\Program Files\Common Files\microsoft shared\TextConv\backup.exe" C:\Program Files\Common Files\microsoft shared\TextConv\7⤵
-
C:\Program Files\Common Files\microsoft shared\TextConv\en-US\backup.exe"C:\Program Files\Common Files\microsoft shared\TextConv\en-US\backup.exe" C:\Program Files\Common Files\microsoft shared\TextConv\en-US\8⤵
-
-
-
C:\Program Files\Common Files\microsoft shared\Triedit\backup.exe"C:\Program Files\Common Files\microsoft shared\Triedit\backup.exe" C:\Program Files\Common Files\microsoft shared\Triedit\7⤵
-
C:\Program Files\Common Files\microsoft shared\Triedit\en-US\backup.exe"C:\Program Files\Common Files\microsoft shared\Triedit\en-US\backup.exe" C:\Program Files\Common Files\microsoft shared\Triedit\en-US\8⤵
- System policy modification
-
-
-
C:\Program Files\Common Files\microsoft shared\VC\backup.exe"C:\Program Files\Common Files\microsoft shared\VC\backup.exe" C:\Program Files\Common Files\microsoft shared\VC\7⤵
-
-
C:\Program Files\Common Files\microsoft shared\VGX\backup.exe"C:\Program Files\Common Files\microsoft shared\VGX\backup.exe" C:\Program Files\Common Files\microsoft shared\VGX\7⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\Common Files\microsoft shared\VSTO\backup.exe"C:\Program Files\Common Files\microsoft shared\VSTO\backup.exe" C:\Program Files\Common Files\microsoft shared\VSTO\7⤵
-
C:\Program Files\Common Files\microsoft shared\VSTO\10.0\backup.exe"C:\Program Files\Common Files\microsoft shared\VSTO\10.0\backup.exe" C:\Program Files\Common Files\microsoft shared\VSTO\10.0\8⤵
-
C:\Program Files\Common Files\microsoft shared\VSTO\10.0\1033\backup.exe"C:\Program Files\Common Files\microsoft shared\VSTO\10.0\1033\backup.exe" C:\Program Files\Common Files\microsoft shared\VSTO\10.0\1033\9⤵
- System Location Discovery: System Language Discovery
-
-
-
-
-
C:\Program Files\Common Files\Services\backup.exe"C:\Program Files\Common Files\Services\backup.exe" C:\Program Files\Common Files\Services\6⤵
-
-
C:\Program Files\Common Files\System\backup.exe"C:\Program Files\Common Files\System\backup.exe" C:\Program Files\Common Files\System\6⤵
-
C:\Program Files\Common Files\System\ado\backup.exe"C:\Program Files\Common Files\System\ado\backup.exe" C:\Program Files\Common Files\System\ado\7⤵
- Drops file in Program Files directory
-
C:\Program Files\Common Files\System\ado\de-DE\backup.exe"C:\Program Files\Common Files\System\ado\de-DE\backup.exe" C:\Program Files\Common Files\System\ado\de-DE\8⤵
-
-
C:\Program Files\Common Files\System\ado\en-US\backup.exe"C:\Program Files\Common Files\System\ado\en-US\backup.exe" C:\Program Files\Common Files\System\ado\en-US\8⤵
-
-
C:\Program Files\Common Files\System\ado\es-ES\backup.exe"C:\Program Files\Common Files\System\ado\es-ES\backup.exe" C:\Program Files\Common Files\System\ado\es-ES\8⤵
-
-
C:\Program Files\Common Files\System\ado\fr-FR\backup.exe"C:\Program Files\Common Files\System\ado\fr-FR\backup.exe" C:\Program Files\Common Files\System\ado\fr-FR\8⤵
-
-
C:\Program Files\Common Files\System\ado\it-IT\backup.exe"C:\Program Files\Common Files\System\ado\it-IT\backup.exe" C:\Program Files\Common Files\System\ado\it-IT\8⤵
-
-
C:\Program Files\Common Files\System\ado\ja-JP\backup.exe"C:\Program Files\Common Files\System\ado\ja-JP\backup.exe" C:\Program Files\Common Files\System\ado\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\System\de-DE\backup.exe"C:\Program Files\Common Files\System\de-DE\backup.exe" C:\Program Files\Common Files\System\de-DE\7⤵
-
-
C:\Program Files\Common Files\System\en-US\backup.exe"C:\Program Files\Common Files\System\en-US\backup.exe" C:\Program Files\Common Files\System\en-US\7⤵
-
-
C:\Program Files\Common Files\System\es-ES\backup.exe"C:\Program Files\Common Files\System\es-ES\backup.exe" C:\Program Files\Common Files\System\es-ES\7⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\Common Files\System\fr-FR\backup.exe"C:\Program Files\Common Files\System\fr-FR\backup.exe" C:\Program Files\Common Files\System\fr-FR\7⤵
-
-
C:\Program Files\Common Files\System\it-IT\backup.exe"C:\Program Files\Common Files\System\it-IT\backup.exe" C:\Program Files\Common Files\System\it-IT\7⤵
-
-
C:\Program Files\Common Files\System\ja-JP\System Restore.exe"C:\Program Files\Common Files\System\ja-JP\System Restore.exe" C:\Program Files\Common Files\System\ja-JP\7⤵
-
-
C:\Program Files\Common Files\System\msadc\backup.exe"C:\Program Files\Common Files\System\msadc\backup.exe" C:\Program Files\Common Files\System\msadc\7⤵
-
C:\Program Files\Common Files\System\msadc\de-DE\backup.exe"C:\Program Files\Common Files\System\msadc\de-DE\backup.exe" C:\Program Files\Common Files\System\msadc\de-DE\8⤵
-
-
C:\Program Files\Common Files\System\msadc\en-US\backup.exe"C:\Program Files\Common Files\System\msadc\en-US\backup.exe" C:\Program Files\Common Files\System\msadc\en-US\8⤵
-
-
C:\Program Files\Common Files\System\msadc\es-ES\backup.exe"C:\Program Files\Common Files\System\msadc\es-ES\backup.exe" C:\Program Files\Common Files\System\msadc\es-ES\8⤵
-
-
C:\Program Files\Common Files\System\msadc\fr-FR\backup.exe"C:\Program Files\Common Files\System\msadc\fr-FR\backup.exe" C:\Program Files\Common Files\System\msadc\fr-FR\8⤵
-
-
C:\Program Files\Common Files\System\msadc\it-IT\backup.exe"C:\Program Files\Common Files\System\msadc\it-IT\backup.exe" C:\Program Files\Common Files\System\msadc\it-IT\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\System\msadc\ja-JP\backup.exe"C:\Program Files\Common Files\System\msadc\ja-JP\backup.exe" C:\Program Files\Common Files\System\msadc\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\System\Ole DB\backup.exe"C:\Program Files\Common Files\System\Ole DB\backup.exe" C:\Program Files\Common Files\System\Ole DB\7⤵
-
C:\Program Files\Common Files\System\Ole DB\de-DE\backup.exe"C:\Program Files\Common Files\System\Ole DB\de-DE\backup.exe" C:\Program Files\Common Files\System\Ole DB\de-DE\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\en-US\backup.exe"C:\Program Files\Common Files\System\Ole DB\en-US\backup.exe" C:\Program Files\Common Files\System\Ole DB\en-US\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\es-ES\backup.exe"C:\Program Files\Common Files\System\Ole DB\es-ES\backup.exe" C:\Program Files\Common Files\System\Ole DB\es-ES\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\fr-FR\backup.exe"C:\Program Files\Common Files\System\Ole DB\fr-FR\backup.exe" C:\Program Files\Common Files\System\Ole DB\fr-FR\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\it-IT\backup.exe"C:\Program Files\Common Files\System\Ole DB\it-IT\backup.exe" C:\Program Files\Common Files\System\Ole DB\it-IT\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\System\Ole DB\ja-JP\System Restore.exe"C:\Program Files\Common Files\System\Ole DB\ja-JP\System Restore.exe" C:\Program Files\Common Files\System\Ole DB\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\System\uk-UA\backup.exe"C:\Program Files\Common Files\System\uk-UA\backup.exe" C:\Program Files\Common Files\System\uk-UA\7⤵
-
-
-
-
C:\Program Files\Crashpad\backup.exe"C:\Program Files\Crashpad\backup.exe" C:\Program Files\Crashpad\5⤵
-
C:\Program Files\Crashpad\attachments\backup.exe"C:\Program Files\Crashpad\attachments\backup.exe" C:\Program Files\Crashpad\attachments\6⤵
-
-
C:\Program Files\Crashpad\reports\backup.exe"C:\Program Files\Crashpad\reports\backup.exe" C:\Program Files\Crashpad\reports\6⤵
-
-
-
C:\Program Files\dotnet\backup.exe"C:\Program Files\dotnet\backup.exe" C:\Program Files\dotnet\5⤵
-
C:\Program Files\dotnet\host\backup.exe"C:\Program Files\dotnet\host\backup.exe" C:\Program Files\dotnet\host\6⤵
-
C:\Program Files\dotnet\host\fxr\backup.exe"C:\Program Files\dotnet\host\fxr\backup.exe" C:\Program Files\dotnet\host\fxr\7⤵
- Drops file in Program Files directory
-
C:\Program Files\dotnet\host\fxr\6.0.27\backup.exe"C:\Program Files\dotnet\host\fxr\6.0.27\backup.exe" C:\Program Files\dotnet\host\fxr\6.0.27\8⤵
-
-
C:\Program Files\dotnet\host\fxr\7.0.16\System Restore.exe"C:\Program Files\dotnet\host\fxr\7.0.16\System Restore.exe" C:\Program Files\dotnet\host\fxr\7.0.16\8⤵
-
-
C:\Program Files\dotnet\host\fxr\8.0.2\backup.exe"C:\Program Files\dotnet\host\fxr\8.0.2\backup.exe" C:\Program Files\dotnet\host\fxr\8.0.2\8⤵
-
-
-
-
C:\Program Files\dotnet\shared\backup.exe"C:\Program Files\dotnet\shared\backup.exe" C:\Program Files\dotnet\shared\6⤵
-
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\backup.exe"C:\Program Files\dotnet\shared\Microsoft.NETCore.App\backup.exe" C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7⤵
-
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\backup.exe"C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\backup.exe" C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\8⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.16\backup.exe"C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.16\backup.exe" C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.16\8⤵
- System policy modification
-
-
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.2\backup.exe"C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.2\backup.exe" C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.2\8⤵
- Modifies visibility of file extensions in Explorer
-
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7⤵
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\8⤵
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\cs\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\cs\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\cs\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\de\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\de\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\de\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\es\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\es\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\es\9⤵
- Modifies visibility of file extensions in Explorer
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\fr\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\fr\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\fr\9⤵
- System policy modification
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\it\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\it\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\it\9⤵
- System policy modification
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\ja\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\ja\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\ja\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\ko\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\ko\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\ko\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\pl\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\pl\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\pl\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\pt-BR\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\pt-BR\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\pt-BR\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\ru\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\ru\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\ru\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\tr\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\tr\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\tr\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\zh-Hans\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\zh-Hans\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\zh-Hans\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\zh-Hant\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\zh-Hant\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\zh-Hant\9⤵
-
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\8⤵
- Drops file in Program Files directory
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\cs\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\cs\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\cs\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\de\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\de\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\de\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\es\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\es\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\es\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\fr\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\fr\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\fr\9⤵
- System policy modification
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\it\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\it\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\it\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\ja\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\ja\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\ja\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\ko\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\ko\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\ko\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\pl\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\pl\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\pl\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\pt-BR\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\pt-BR\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\pt-BR\9⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\ru\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\ru\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\ru\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\tr\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\tr\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\tr\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\zh-Hans\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\zh-Hans\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\zh-Hans\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\zh-Hant\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\zh-Hant\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\zh-Hant\9⤵
-
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\8⤵
- Drops file in Program Files directory
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\cs\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\cs\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\cs\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\de\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\de\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\de\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\es\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\es\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\es\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\fr\data.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\fr\data.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\fr\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\it\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\it\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\it\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\ja\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\ja\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\ja\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\ko\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\ko\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\ko\9⤵
- Modifies visibility of file extensions in Explorer
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\pl\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\pl\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\pl\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\pt-BR\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\pt-BR\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\pt-BR\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\ru\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\ru\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\ru\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\tr\update.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\tr\update.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\tr\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\zh-Hans\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\zh-Hans\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\zh-Hans\9⤵
-
-
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\zh-Hant\backup.exe"C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\zh-Hant\backup.exe" C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\zh-Hant\9⤵
-
-
-
-
-
C:\Program Files\dotnet\swidtag\backup.exe"C:\Program Files\dotnet\swidtag\backup.exe" C:\Program Files\dotnet\swidtag\6⤵
-
-
-
C:\Program Files\Google\backup.exe"C:\Program Files\Google\backup.exe" C:\Program Files\Google\5⤵
- System Location Discovery: System Language Discovery
-
C:\Program Files\Google\Chrome\backup.exe"C:\Program Files\Google\Chrome\backup.exe" C:\Program Files\Google\Chrome\6⤵
- System Location Discovery: System Language Discovery
-
C:\Program Files\Google\Chrome\Application\backup.exe"C:\Program Files\Google\Chrome\Application\backup.exe" C:\Program Files\Google\Chrome\Application\7⤵
-
C:\Program Files\Google\Chrome\Application\123.0.6312.123\backup.exe"C:\Program Files\Google\Chrome\Application\123.0.6312.123\backup.exe" C:\Program Files\Google\Chrome\Application\123.0.6312.123\8⤵
- Drops file in Program Files directory
-
C:\Program Files\Google\Chrome\Application\123.0.6312.123\default_apps\backup.exe"C:\Program Files\Google\Chrome\Application\123.0.6312.123\default_apps\backup.exe" C:\Program Files\Google\Chrome\Application\123.0.6312.123\default_apps\9⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Extensions\backup.exe"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Extensions\backup.exe" C:\Program Files\Google\Chrome\Application\123.0.6312.123\Extensions\9⤵
- System policy modification
-
-
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\backup.exe"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\backup.exe" C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\9⤵
-
-
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Locales\backup.exe"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Locales\backup.exe" C:\Program Files\Google\Chrome\Application\123.0.6312.123\Locales\9⤵
-
-
C:\Program Files\Google\Chrome\Application\123.0.6312.123\MEIPreload\backup.exe"C:\Program Files\Google\Chrome\Application\123.0.6312.123\MEIPreload\backup.exe" C:\Program Files\Google\Chrome\Application\123.0.6312.123\MEIPreload\9⤵
-
-
C:\Program Files\Google\Chrome\Application\123.0.6312.123\VisualElements\backup.exe"C:\Program Files\Google\Chrome\Application\123.0.6312.123\VisualElements\backup.exe" C:\Program Files\Google\Chrome\Application\123.0.6312.123\VisualElements\9⤵
-
-
C:\Program Files\Google\Chrome\Application\123.0.6312.123\WidevineCdm\backup.exe"C:\Program Files\Google\Chrome\Application\123.0.6312.123\WidevineCdm\backup.exe" C:\Program Files\Google\Chrome\Application\123.0.6312.123\WidevineCdm\9⤵
-
C:\Program Files\Google\Chrome\Application\123.0.6312.123\WidevineCdm\_platform_specific\backup.exe"C:\Program Files\Google\Chrome\Application\123.0.6312.123\WidevineCdm\_platform_specific\backup.exe" C:\Program Files\Google\Chrome\Application\123.0.6312.123\WidevineCdm\_platform_specific\10⤵
-
C:\Program Files\Google\Chrome\Application\123.0.6312.123\WidevineCdm\_platform_specific\win_x64\backup.exe"C:\Program Files\Google\Chrome\Application\123.0.6312.123\WidevineCdm\_platform_specific\win_x64\backup.exe" C:\Program Files\Google\Chrome\Application\123.0.6312.123\WidevineCdm\_platform_specific\win_x64\11⤵
-
-
-
-
-
C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe"C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe" C:\Program Files\Google\Chrome\Application\SetupMetrics\8⤵
-
-
-
-
-
C:\Program Files\Internet Explorer\backup.exe"C:\Program Files\Internet Explorer\backup.exe" C:\Program Files\Internet Explorer\5⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- System policy modification
-
C:\Program Files\Internet Explorer\de-DE\backup.exe"C:\Program Files\Internet Explorer\de-DE\backup.exe" C:\Program Files\Internet Explorer\de-DE\6⤵
-
-
C:\Program Files\Internet Explorer\en-US\backup.exe"C:\Program Files\Internet Explorer\en-US\backup.exe" C:\Program Files\Internet Explorer\en-US\6⤵
-
-
C:\Program Files\Internet Explorer\es-ES\data.exe"C:\Program Files\Internet Explorer\es-ES\data.exe" C:\Program Files\Internet Explorer\es-ES\6⤵
-
-
C:\Program Files\Internet Explorer\fr-FR\backup.exe"C:\Program Files\Internet Explorer\fr-FR\backup.exe" C:\Program Files\Internet Explorer\fr-FR\6⤵
-
-
C:\Program Files\Internet Explorer\images\backup.exe"C:\Program Files\Internet Explorer\images\backup.exe" C:\Program Files\Internet Explorer\images\6⤵
-
-
C:\Program Files\Internet Explorer\it-IT\backup.exe"C:\Program Files\Internet Explorer\it-IT\backup.exe" C:\Program Files\Internet Explorer\it-IT\6⤵
- System policy modification
-
-
C:\Program Files\Internet Explorer\ja-JP\backup.exe"C:\Program Files\Internet Explorer\ja-JP\backup.exe" C:\Program Files\Internet Explorer\ja-JP\6⤵
-
-
C:\Program Files\Internet Explorer\SIGNUP\backup.exe"C:\Program Files\Internet Explorer\SIGNUP\backup.exe" C:\Program Files\Internet Explorer\SIGNUP\6⤵
-
-
C:\Program Files\Internet Explorer\uk-UA\backup.exe"C:\Program Files\Internet Explorer\uk-UA\backup.exe" C:\Program Files\Internet Explorer\uk-UA\6⤵
-
-
-
C:\Program Files\Java\backup.exe"C:\Program Files\Java\backup.exe" C:\Program Files\Java\5⤵
- System Location Discovery: System Language Discovery
-
C:\Program Files\Java\jdk-1.8\update.exe"C:\Program Files\Java\jdk-1.8\update.exe" C:\Program Files\Java\jdk-1.8\6⤵
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk-1.8\bin\backup.exe"C:\Program Files\Java\jdk-1.8\bin\backup.exe" C:\Program Files\Java\jdk-1.8\bin\7⤵
-
-
C:\Program Files\Java\jdk-1.8\include\backup.exe"C:\Program Files\Java\jdk-1.8\include\backup.exe" C:\Program Files\Java\jdk-1.8\include\7⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\Java\jdk-1.8\include\win32\backup.exe"C:\Program Files\Java\jdk-1.8\include\win32\backup.exe" C:\Program Files\Java\jdk-1.8\include\win32\8⤵
-
C:\Program Files\Java\jdk-1.8\include\win32\bridge\backup.exe"C:\Program Files\Java\jdk-1.8\include\win32\bridge\backup.exe" C:\Program Files\Java\jdk-1.8\include\win32\bridge\9⤵
-
-
-
-
C:\Program Files\Java\jdk-1.8\jre\backup.exe"C:\Program Files\Java\jdk-1.8\jre\backup.exe" C:\Program Files\Java\jdk-1.8\jre\7⤵
-
C:\Program Files\Java\jdk-1.8\jre\bin\backup.exe"C:\Program Files\Java\jdk-1.8\jre\bin\backup.exe" C:\Program Files\Java\jdk-1.8\jre\bin\8⤵
-
C:\Program Files\Java\jdk-1.8\jre\bin\dtplugin\backup.exe"C:\Program Files\Java\jdk-1.8\jre\bin\dtplugin\backup.exe" C:\Program Files\Java\jdk-1.8\jre\bin\dtplugin\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\bin\plugin2\backup.exe"C:\Program Files\Java\jdk-1.8\jre\bin\plugin2\backup.exe" C:\Program Files\Java\jdk-1.8\jre\bin\plugin2\9⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\Java\jdk-1.8\jre\bin\server\backup.exe"C:\Program Files\Java\jdk-1.8\jre\bin\server\backup.exe" C:\Program Files\Java\jdk-1.8\jre\bin\server\9⤵
- Modifies visibility of file extensions in Explorer
-
-
-
C:\Program Files\Java\jdk-1.8\jre\legal\backup.exe"C:\Program Files\Java\jdk-1.8\jre\legal\backup.exe" C:\Program Files\Java\jdk-1.8\jre\legal\8⤵
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk-1.8\jre\legal\javafx\backup.exe"C:\Program Files\Java\jdk-1.8\jre\legal\javafx\backup.exe" C:\Program Files\Java\jdk-1.8\jre\legal\javafx\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\legal\jdk\backup.exe"C:\Program Files\Java\jdk-1.8\jre\legal\jdk\backup.exe" C:\Program Files\Java\jdk-1.8\jre\legal\jdk\9⤵
-
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\8⤵
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk-1.8\jre\lib\amd64\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\amd64\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\amd64\9⤵
- System policy modification
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\applet\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\applet\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\applet\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\cmm\data.exe"C:\Program Files\Java\jdk-1.8\jre\lib\cmm\data.exe" C:\Program Files\Java\jdk-1.8\jre\lib\cmm\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\deploy\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\deploy\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\deploy\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\ext\data.exe"C:\Program Files\Java\jdk-1.8\jre\lib\ext\data.exe" C:\Program Files\Java\jdk-1.8\jre\lib\ext\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\fonts\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\fonts\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\fonts\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\images\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\images\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\images\9⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\10⤵
-
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\jfr\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\jfr\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\jfr\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\management\update.exe"C:\Program Files\Java\jdk-1.8\jre\lib\management\update.exe" C:\Program Files\Java\jdk-1.8\jre\lib\management\9⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\security\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\security\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\security\9⤵
-
C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\10⤵
-
C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\limited\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\limited\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\limited\11⤵
- Modifies visibility of file extensions in Explorer
- System Location Discovery: System Language Discovery
- System policy modification
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\unlimited\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\unlimited\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\unlimited\11⤵
- System Location Discovery: System Language Discovery
-
-
-
-
-
-
C:\Program Files\Java\jdk-1.8\legal\backup.exe"C:\Program Files\Java\jdk-1.8\legal\backup.exe" C:\Program Files\Java\jdk-1.8\legal\7⤵
-
C:\Program Files\Java\jdk-1.8\legal\javafx\backup.exe"C:\Program Files\Java\jdk-1.8\legal\javafx\backup.exe" C:\Program Files\Java\jdk-1.8\legal\javafx\8⤵
-
-
C:\Program Files\Java\jdk-1.8\legal\jdk\backup.exe"C:\Program Files\Java\jdk-1.8\legal\jdk\backup.exe" C:\Program Files\Java\jdk-1.8\legal\jdk\8⤵
-
-
-
C:\Program Files\Java\jdk-1.8\lib\backup.exe"C:\Program Files\Java\jdk-1.8\lib\backup.exe" C:\Program Files\Java\jdk-1.8\lib\7⤵
-
-
-
C:\Program Files\Java\jre-1.8\backup.exe"C:\Program Files\Java\jre-1.8\backup.exe" C:\Program Files\Java\jre-1.8\6⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\Java\jre-1.8\bin\backup.exe"C:\Program Files\Java\jre-1.8\bin\backup.exe" C:\Program Files\Java\jre-1.8\bin\7⤵
-
C:\Program Files\Java\jre-1.8\bin\dtplugin\backup.exe"C:\Program Files\Java\jre-1.8\bin\dtplugin\backup.exe" C:\Program Files\Java\jre-1.8\bin\dtplugin\8⤵
-
-
C:\Program Files\Java\jre-1.8\bin\plugin2\backup.exe"C:\Program Files\Java\jre-1.8\bin\plugin2\backup.exe" C:\Program Files\Java\jre-1.8\bin\plugin2\8⤵
-
-
C:\Program Files\Java\jre-1.8\bin\server\backup.exe"C:\Program Files\Java\jre-1.8\bin\server\backup.exe" C:\Program Files\Java\jre-1.8\bin\server\8⤵
-
-
-
C:\Program Files\Java\jre-1.8\legal\backup.exe"C:\Program Files\Java\jre-1.8\legal\backup.exe" C:\Program Files\Java\jre-1.8\legal\7⤵
-
C:\Program Files\Java\jre-1.8\legal\javafx\backup.exe"C:\Program Files\Java\jre-1.8\legal\javafx\backup.exe" C:\Program Files\Java\jre-1.8\legal\javafx\8⤵
-
-
C:\Program Files\Java\jre-1.8\legal\jdk\data.exe"C:\Program Files\Java\jre-1.8\legal\jdk\data.exe" C:\Program Files\Java\jre-1.8\legal\jdk\8⤵
- Modifies visibility of file extensions in Explorer
- System Location Discovery: System Language Discovery
-
-
-
C:\Program Files\Java\jre-1.8\lib\backup.exe"C:\Program Files\Java\jre-1.8\lib\backup.exe" C:\Program Files\Java\jre-1.8\lib\7⤵
-
C:\Program Files\Java\jre-1.8\lib\amd64\backup.exe"C:\Program Files\Java\jre-1.8\lib\amd64\backup.exe" C:\Program Files\Java\jre-1.8\lib\amd64\8⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\Java\jre-1.8\lib\applet\backup.exe"C:\Program Files\Java\jre-1.8\lib\applet\backup.exe" C:\Program Files\Java\jre-1.8\lib\applet\8⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\Java\jre-1.8\lib\cmm\System Restore.exe"C:\Program Files\Java\jre-1.8\lib\cmm\System Restore.exe" C:\Program Files\Java\jre-1.8\lib\cmm\8⤵
-
-
C:\Program Files\Java\jre-1.8\lib\deploy\backup.exe"C:\Program Files\Java\jre-1.8\lib\deploy\backup.exe" C:\Program Files\Java\jre-1.8\lib\deploy\8⤵
- System policy modification
-
-
C:\Program Files\Java\jre-1.8\lib\ext\backup.exe"C:\Program Files\Java\jre-1.8\lib\ext\backup.exe" C:\Program Files\Java\jre-1.8\lib\ext\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Java\jre-1.8\lib\fonts\backup.exe"C:\Program Files\Java\jre-1.8\lib\fonts\backup.exe" C:\Program Files\Java\jre-1.8\lib\fonts\8⤵
-
-
C:\Program Files\Java\jre-1.8\lib\images\backup.exe"C:\Program Files\Java\jre-1.8\lib\images\backup.exe" C:\Program Files\Java\jre-1.8\lib\images\8⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Java\jre-1.8\lib\images\cursors\backup.exe"C:\Program Files\Java\jre-1.8\lib\images\cursors\backup.exe" C:\Program Files\Java\jre-1.8\lib\images\cursors\9⤵
-
-
-
C:\Program Files\Java\jre-1.8\lib\jfr\backup.exe"C:\Program Files\Java\jre-1.8\lib\jfr\backup.exe" C:\Program Files\Java\jre-1.8\lib\jfr\8⤵
-
-
C:\Program Files\Java\jre-1.8\lib\management\backup.exe"C:\Program Files\Java\jre-1.8\lib\management\backup.exe" C:\Program Files\Java\jre-1.8\lib\management\8⤵
-
-
C:\Program Files\Java\jre-1.8\lib\security\backup.exe"C:\Program Files\Java\jre-1.8\lib\security\backup.exe" C:\Program Files\Java\jre-1.8\lib\security\8⤵
-
C:\Program Files\Java\jre-1.8\lib\security\policy\backup.exe"C:\Program Files\Java\jre-1.8\lib\security\policy\backup.exe" C:\Program Files\Java\jre-1.8\lib\security\policy\9⤵
-
C:\Program Files\Java\jre-1.8\lib\security\policy\limited\backup.exe"C:\Program Files\Java\jre-1.8\lib\security\policy\limited\backup.exe" C:\Program Files\Java\jre-1.8\lib\security\policy\limited\10⤵
-
-
C:\Program Files\Java\jre-1.8\lib\security\policy\unlimited\backup.exe"C:\Program Files\Java\jre-1.8\lib\security\policy\unlimited\backup.exe" C:\Program Files\Java\jre-1.8\lib\security\policy\unlimited\10⤵
-
-
-
-
-
-
-
C:\Program Files\Microsoft Office\backup.exe"C:\Program Files\Microsoft Office\backup.exe" C:\Program Files\Microsoft Office\5⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
-
C:\Program Files\Microsoft Office\Office16\backup.exe"C:\Program Files\Microsoft Office\Office16\backup.exe" C:\Program Files\Microsoft Office\Office16\6⤵
- System policy modification
-
-
C:\Program Files\Microsoft Office\PackageManifests\backup.exe"C:\Program Files\Microsoft Office\PackageManifests\backup.exe" C:\Program Files\Microsoft Office\PackageManifests\6⤵
-
-
C:\Program Files\Microsoft Office\root\backup.exe"C:\Program Files\Microsoft Office\root\backup.exe" C:\Program Files\Microsoft Office\root\6⤵
- Drops file in Program Files directory
-
C:\Program Files\Microsoft Office\root\Client\backup.exe"C:\Program Files\Microsoft Office\root\Client\backup.exe" C:\Program Files\Microsoft Office\root\Client\7⤵
-
-
C:\Program Files\Microsoft Office\root\Document Themes 16\backup.exe"C:\Program Files\Microsoft Office\root\Document Themes 16\backup.exe" C:\Program Files\Microsoft Office\root\Document Themes 16\7⤵
-
C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\backup.exe"C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\backup.exe" C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\8⤵
- System Location Discovery: System Language Discovery
- System policy modification
-
-
C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\backup.exe"C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\backup.exe" C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\8⤵
-
-
C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\backup.exe"C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\backup.exe" C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\8⤵
-
-
-
C:\Program Files\Microsoft Office\root\fre\backup.exe"C:\Program Files\Microsoft Office\root\fre\backup.exe" C:\Program Files\Microsoft Office\root\fre\7⤵
-
-
C:\Program Files\Microsoft Office\root\Integration\backup.exe"C:\Program Files\Microsoft Office\root\Integration\backup.exe" C:\Program Files\Microsoft Office\root\Integration\7⤵
-
C:\Program Files\Microsoft Office\root\Integration\Addons\backup.exe"C:\Program Files\Microsoft Office\root\Integration\Addons\backup.exe" C:\Program Files\Microsoft Office\root\Integration\Addons\8⤵
-
-
-
C:\Program Files\Microsoft Office\root\Licenses\backup.exe"C:\Program Files\Microsoft Office\root\Licenses\backup.exe" C:\Program Files\Microsoft Office\root\Licenses\7⤵
-
-
C:\Program Files\Microsoft Office\root\Licenses16\System Restore.exe"C:\Program Files\Microsoft Office\root\Licenses16\System Restore.exe" C:\Program Files\Microsoft Office\root\Licenses16\7⤵
-
-
C:\Program Files\Microsoft Office\root\loc\backup.exe"C:\Program Files\Microsoft Office\root\loc\backup.exe" C:\Program Files\Microsoft Office\root\loc\7⤵
- System policy modification
-
-
C:\Program Files\Microsoft Office\root\Office15\backup.exe"C:\Program Files\Microsoft Office\root\Office15\backup.exe" C:\Program Files\Microsoft Office\root\Office15\7⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\backup.exe"C:\Program Files\Microsoft Office\root\Office16\backup.exe" C:\Program Files\Microsoft Office\root\Office16\7⤵
- Drops file in Program Files directory
-
C:\Program Files\Microsoft Office\root\Office16\1033\backup.exe"C:\Program Files\Microsoft Office\root\Office16\1033\backup.exe" C:\Program Files\Microsoft Office\root\Office16\1033\8⤵
- System policy modification
-
C:\Program Files\Microsoft Office\root\Office16\1033\Bibliography\backup.exe"C:\Program Files\Microsoft Office\root\Office16\1033\Bibliography\backup.exe" C:\Program Files\Microsoft Office\root\Office16\1033\Bibliography\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\backup.exe"C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\backup.exe" C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\9⤵
- System policy modification
-
-
C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\backup.exe"C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\backup.exe" C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\9⤵
-
-
-
C:\Program Files\Microsoft Office\root\Office16\1036\backup.exe"C:\Program Files\Microsoft Office\root\Office16\1036\backup.exe" C:\Program Files\Microsoft Office\root\Office16\1036\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Microsoft Office\root\Office16\3082\backup.exe"C:\Program Files\Microsoft Office\root\Office16\3082\backup.exe" C:\Program Files\Microsoft Office\root\Office16\3082\8⤵
- System policy modification
-
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\8⤵
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\9⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\10⤵
-
-
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\9⤵
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\10⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\en\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\en\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\en\10⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\10⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\1033\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\1033\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\1033\11⤵
-
-
-
-
-
C:\Program Files\Microsoft Office\root\Office16\AugLoop\backup.exe"C:\Program Files\Microsoft Office\root\Office16\AugLoop\backup.exe" C:\Program Files\Microsoft Office\root\Office16\AugLoop\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\Bibliography\backup.exe"C:\Program Files\Microsoft Office\root\Office16\Bibliography\backup.exe" C:\Program Files\Microsoft Office\root\Office16\Bibliography\8⤵
-
C:\Program Files\Microsoft Office\root\Office16\Bibliography\Sort\backup.exe"C:\Program Files\Microsoft Office\root\Office16\Bibliography\Sort\backup.exe" C:\Program Files\Microsoft Office\root\Office16\Bibliography\Sort\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\System Restore.exe"C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\System Restore.exe" C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\9⤵
-
-
-
C:\Program Files\Microsoft Office\root\Office16\BORDERS\update.exe"C:\Program Files\Microsoft Office\root\Office16\BORDERS\update.exe" C:\Program Files\Microsoft Office\root\Office16\BORDERS\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\Configuration\backup.exe"C:\Program Files\Microsoft Office\root\Office16\Configuration\backup.exe" C:\Program Files\Microsoft Office\root\Office16\Configuration\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\Document Parts\backup.exe"C:\Program Files\Microsoft Office\root\Office16\Document Parts\backup.exe" C:\Program Files\Microsoft Office\root\Office16\Document Parts\8⤵
-
C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\backup.exe"C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\backup.exe" C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\9⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\16\backup.exe"C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\16\backup.exe" C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\16\10⤵
- Modifies visibility of file extensions in Explorer
-
-
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_f14\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_f14\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_f14\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_f2\System Restore.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_f2\System Restore.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_f2\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_f3\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_f3\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_f3\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_f33\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_f33\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_f33\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_f4\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_f4\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_f4\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_f7\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_f7\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_f7\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000006\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000006\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000006\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000008\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000008\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000008\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000009\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000009\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000009\8⤵
- System policy modification
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000011\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000011\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000011\8⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000050\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000050\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000050\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_w1\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_w1\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_w1\8⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files\Microsoft Office\root\Office16\Library\backup.exe"C:\Program Files\Microsoft Office\root\Office16\Library\backup.exe" C:\Program Files\Microsoft Office\root\Office16\Library\8⤵
-
C:\Program Files\Microsoft Office\root\Office16\Library\Analysis\backup.exe"C:\Program Files\Microsoft Office\root\Office16\Library\Analysis\backup.exe" C:\Program Files\Microsoft Office\root\Office16\Library\Analysis\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Microsoft Office\root\Office16\Library\SOLVER\backup.exe"C:\Program Files\Microsoft Office\root\Office16\Library\SOLVER\backup.exe" C:\Program Files\Microsoft Office\root\Office16\Library\SOLVER\9⤵
- System policy modification
-
-
-
C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\backup.exe"C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\backup.exe" C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\8⤵
- System policy modification
-
C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\backup.exe"C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\backup.exe" C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\9⤵
-
C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\default\backup.exe"C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\default\backup.exe" C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\default\10⤵
-
-
-
-
C:\Program Files\Microsoft Office\root\Office16\LogoImages\backup.exe"C:\Program Files\Microsoft Office\root\Office16\LogoImages\backup.exe" C:\Program Files\Microsoft Office\root\Office16\LogoImages\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MEDIA\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MEDIA\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MEDIA\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\8⤵
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\ar\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\ar\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\ar\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\bg\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\bg\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\bg\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\ca\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\ca\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\ca\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\cs\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\cs\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\cs\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\da\update.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\da\update.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\da\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\de\update.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\de\update.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\de\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\el\update.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\el\update.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\el\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\en-us\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\en-us\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\en-us\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\es\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\es\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\es\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\et\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\et\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\et\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\eu\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\eu\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\eu\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\fi\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\fi\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\fi\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\fr\System Restore.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\fr\System Restore.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\fr\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\gl\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\gl\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\gl\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\he\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\he\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\he\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\hi\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\hi\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\hi\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\hr\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\hr\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\hr\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\hu\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\hu\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\hu\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\id\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\id\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\id\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\it\System Restore.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\it\System Restore.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\it\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\ja\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\ja\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\ja\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\kk\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\kk\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\kk\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\ko\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\ko\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\ko\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\lt\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\lt\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\lt\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\lv\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\lv\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\lv\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\ms\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\ms\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\ms\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\nl\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\nl\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\nl\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\no\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\no\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\no\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\pl\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\pl\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\pl\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\pt\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\pt\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\pt\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\pt-BR\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\pt-BR\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\pt-BR\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\ro\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\ro\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\ro\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\ru\update.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\ru\update.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\ru\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\sk\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\sk\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\sk\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\sl\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\sl\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\sl\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Cyrl-BA\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Cyrl-BA\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Cyrl-BA\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Cyrl-RS\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Cyrl-RS\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Cyrl-RS\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Latn-RS\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Latn-RS\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Latn-RS\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\sv\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\sv\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\sv\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\th\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\th\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\th\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\tr\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\tr\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\tr\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\uk\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\uk\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\uk\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\vi\update.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\vi\update.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\vi\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\MSIPC\zh-CN\backup.exe"C:\Program Files\Microsoft Office\root\Office16\MSIPC\zh-CN\backup.exe" C:\Program Files\Microsoft Office\root\Office16\MSIPC\zh-CN\9⤵
-
-
-
-
C:\Program Files\Microsoft Office\root\rsod\backup.exe"C:\Program Files\Microsoft Office\root\rsod\backup.exe" C:\Program Files\Microsoft Office\root\rsod\7⤵
-
-
C:\Program Files\Microsoft Office\root\Templates\backup.exe"C:\Program Files\Microsoft Office\root\Templates\backup.exe" C:\Program Files\Microsoft Office\root\Templates\7⤵
-
C:\Program Files\Microsoft Office\root\Templates\1033\backup.exe"C:\Program Files\Microsoft Office\root\Templates\1033\backup.exe" C:\Program Files\Microsoft Office\root\Templates\1033\8⤵
-
C:\Program Files\Microsoft Office\root\Templates\1033\GettingStarted16\backup.exe"C:\Program Files\Microsoft Office\root\Templates\1033\GettingStarted16\backup.exe" C:\Program Files\Microsoft Office\root\Templates\1033\GettingStarted16\9⤵
-
-
C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\backup.exe"C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\backup.exe" C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\9⤵
-
C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\16\backup.exe"C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\16\backup.exe" C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\16\10⤵
-
C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\16\Stationery\backup.exe"C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\16\Stationery\backup.exe" C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\16\Stationery\11⤵
-
-
-
-
-
C:\Program Files\Microsoft Office\root\Templates\Presentation Designs\backup.exe"C:\Program Files\Microsoft Office\root\Templates\Presentation Designs\backup.exe" C:\Program Files\Microsoft Office\root\Templates\Presentation Designs\8⤵
-
-
-
C:\Program Files\Microsoft Office\root\vfs\backup.exe"C:\Program Files\Microsoft Office\root\vfs\backup.exe" C:\Program Files\Microsoft Office\root\vfs\7⤵
-
C:\Program Files\Microsoft Office\root\vfs\Common AppData\backup.exe"C:\Program Files\Microsoft Office\root\vfs\Common AppData\backup.exe" C:\Program Files\Microsoft Office\root\vfs\Common AppData\8⤵
-
C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\backup.exe"C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\backup.exe" C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\9⤵
-
C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\backup.exe"C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\backup.exe" C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\10⤵
-
C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\Heartbeat\backup.exe"C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\Heartbeat\backup.exe" C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\Heartbeat\11⤵
-
-
-
-
C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\backup.exe"C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\backup.exe" C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\9⤵
-
-
-
C:\Program Files\Microsoft Office\root\vfs\Fonts\backup.exe"C:\Program Files\Microsoft Office\root\vfs\Fonts\backup.exe" C:\Program Files\Microsoft Office\root\vfs\Fonts\8⤵
-
C:\Program Files\Microsoft Office\root\vfs\Fonts\private\backup.exe"C:\Program Files\Microsoft Office\root\vfs\Fonts\private\backup.exe" C:\Program Files\Microsoft Office\root\vfs\Fonts\private\9⤵
-
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\8⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\DESIGNER\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\DESIGNER\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\DESIGNER\9⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\9⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\DW\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\DW\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\DW\10⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\10⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\1033\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\1033\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\1033\11⤵
-
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EURO\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EURO\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EURO\10⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Filters\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Filters\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Filters\10⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\10⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\update.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\update.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\10⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\10⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\11⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Cultures\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Cultures\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Cultures\11⤵
-
-
-
-
-
-
-
C:\Program Files\Microsoft Office\Updates\backup.exe"C:\Program Files\Microsoft Office\Updates\backup.exe" C:\Program Files\Microsoft Office\Updates\6⤵
-
C:\Program Files\Microsoft Office\Updates\Apply\backup.exe"C:\Program Files\Microsoft Office\Updates\Apply\backup.exe" C:\Program Files\Microsoft Office\Updates\Apply\7⤵
-
C:\Program Files\Microsoft Office\Updates\Apply\FilesInUse\backup.exe"C:\Program Files\Microsoft Office\Updates\Apply\FilesInUse\backup.exe" C:\Program Files\Microsoft Office\Updates\Apply\FilesInUse\8⤵
-
C:\Program Files\Microsoft Office\Updates\Apply\FilesInUse\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\backup.exe"C:\Program Files\Microsoft Office\Updates\Apply\FilesInUse\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\backup.exe" C:\Program Files\Microsoft Office\Updates\Apply\FilesInUse\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\9⤵
-
-
-
-
C:\Program Files\Microsoft Office\Updates\Download\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\7⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\8⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\9⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\10⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\11⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\data.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\data.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\12⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\assembly\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\assembly\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\assembly\13⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\assembly\GAC_MSIL\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\assembly\GAC_MSIL\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\assembly\GAC_MSIL\14⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.SPClient.Interfaces\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.SPClient.Interfaces\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.SPClient.Interfaces\15⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.SPClient.Interfaces\13.0.0.0__89845DCD8080CC91\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.SPClient.Interfaces\13.0.0.0__89845DCD8080CC91\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\0855871B-A2C6-4F79-BA33-4BE43A9B6A02\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.SPClient.Interfaces\13.0.0.0__89845DCD8080CC91\16⤵
-
-
-
-
-
-
-
-
-
-
-
-
-
C:\Program Files\Microsoft Office 15\backup.exe"C:\Program Files\Microsoft Office 15\backup.exe" C:\Program Files\Microsoft Office 15\5⤵
-
C:\Program Files\Microsoft Office 15\ClientX64\backup.exe"C:\Program Files\Microsoft Office 15\ClientX64\backup.exe" C:\Program Files\Microsoft Office 15\ClientX64\6⤵
-
-
-
C:\Program Files\Mozilla Firefox\backup.exe"C:\Program Files\Mozilla Firefox\backup.exe" C:\Program Files\Mozilla Firefox\5⤵
-
C:\Program Files\Mozilla Firefox\browser\backup.exe"C:\Program Files\Mozilla Firefox\browser\backup.exe" C:\Program Files\Mozilla Firefox\browser\6⤵
-
C:\Program Files\Mozilla Firefox\browser\features\backup.exe"C:\Program Files\Mozilla Firefox\browser\features\backup.exe" C:\Program Files\Mozilla Firefox\browser\features\7⤵
-
-
C:\Program Files\Mozilla Firefox\browser\VisualElements\backup.exe"C:\Program Files\Mozilla Firefox\browser\VisualElements\backup.exe" C:\Program Files\Mozilla Firefox\browser\VisualElements\7⤵
-
-
-
C:\Program Files\Mozilla Firefox\defaults\backup.exe"C:\Program Files\Mozilla Firefox\defaults\backup.exe" C:\Program Files\Mozilla Firefox\defaults\6⤵
-
C:\Program Files\Mozilla Firefox\defaults\pref\backup.exe"C:\Program Files\Mozilla Firefox\defaults\pref\backup.exe" C:\Program Files\Mozilla Firefox\defaults\pref\7⤵
-
-
-
C:\Program Files\Mozilla Firefox\fonts\backup.exe"C:\Program Files\Mozilla Firefox\fonts\backup.exe" C:\Program Files\Mozilla Firefox\fonts\6⤵
-
-
C:\Program Files\Mozilla Firefox\gmp-clearkey\backup.exe"C:\Program Files\Mozilla Firefox\gmp-clearkey\backup.exe" C:\Program Files\Mozilla Firefox\gmp-clearkey\6⤵
-
C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\backup.exe"C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\backup.exe" C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\7⤵
-
-
-
C:\Program Files\Mozilla Firefox\uninstall\backup.exe"C:\Program Files\Mozilla Firefox\uninstall\backup.exe" C:\Program Files\Mozilla Firefox\uninstall\6⤵
-
-
-
C:\Program Files\MSBuild\backup.exe"C:\Program Files\MSBuild\backup.exe" C:\Program Files\MSBuild\5⤵
-
C:\Program Files\MSBuild\Microsoft\backup.exe"C:\Program Files\MSBuild\Microsoft\backup.exe" C:\Program Files\MSBuild\Microsoft\6⤵
-
C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\backup.exe"C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\backup.exe" C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\7⤵
-
C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\backup.exe"C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\backup.exe" C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\8⤵
-
-
C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\backup.exe"C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\backup.exe" C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\8⤵
-
-
-
-
-
C:\Program Files\Reference Assemblies\backup.exe"C:\Program Files\Reference Assemblies\backup.exe" C:\Program Files\Reference Assemblies\5⤵
-
C:\Program Files\Reference Assemblies\Microsoft\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\6⤵
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\7⤵
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\8⤵
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\data.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\data.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System Restore.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System Restore.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\9⤵
-
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\8⤵
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System Restore.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System Restore.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\9⤵
-
-
-
-
-
-
C:\Program Files\VideoLAN\backup.exe"C:\Program Files\VideoLAN\backup.exe" C:\Program Files\VideoLAN\5⤵
-
C:\Program Files\VideoLAN\VLC\backup.exe"C:\Program Files\VideoLAN\VLC\backup.exe" C:\Program Files\VideoLAN\VLC\6⤵
-
C:\Program Files\VideoLAN\VLC\hrtfs\backup.exe"C:\Program Files\VideoLAN\VLC\hrtfs\backup.exe" C:\Program Files\VideoLAN\VLC\hrtfs\7⤵
-
-
C:\Program Files\VideoLAN\VLC\locale\backup.exe"C:\Program Files\VideoLAN\VLC\locale\backup.exe" C:\Program Files\VideoLAN\VLC\locale\7⤵
-
C:\Program Files\VideoLAN\VLC\locale\ach\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ach\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ach\8⤵
-
-
-
-
-
-
C:\Program Files (x86)\data.exe"C:\Program Files (x86)\data.exe" C:\Program Files (x86)\4⤵
-
C:\Program Files (x86)\Adobe\backup.exe"C:\Program Files (x86)\Adobe\backup.exe" C:\Program Files (x86)\Adobe\5⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\6⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\7⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\7⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\9⤵
- System policy modification
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroLayoutRecognizer\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroLayoutRecognizer\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroLayoutRecognizer\8⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\8⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\8⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\9⤵
- Modifies visibility of file extensions in Explorer
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\8⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\ENU\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\ENU\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\ENU\9⤵
- Modifies visibility of file extensions in Explorer
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Javascripts\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Javascripts\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Javascripts\8⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\ENU\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\ENU\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\ENU\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Locale\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Locale\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Locale\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Locale\en_US\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Locale\en_US\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Locale\en_US\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\8⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\9⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\PMP\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\PMP\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\PMP\10⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\9⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\10⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\ENU\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\ENU\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\ENU\11⤵
- Modifies visibility of file extensions in Explorer
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\9⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\MPP\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\MPP\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\MPP\10⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\prc\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\prc\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\prc\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\8⤵
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\UIThemes\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\UIThemes\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\UIThemes\8⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\9⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\10⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\11⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\13⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\cef\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\cef\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\cef\14⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\libs\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\libs\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\libs\14⤵
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\12⤵
- System Location Discovery: System Language Discovery
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\cef\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\cef\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\cef\14⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\libs\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\libs\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\libs\14⤵
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\12⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\13⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\cef\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\cef\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\cef\14⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\libs\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\libs\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\libs\14⤵
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\11⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\hi_contrast\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\hi_contrast\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\hi_contrast\13⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\14⤵
- System policy modification
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\hi_contrast\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\hi_contrast\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\hi_contrast\12⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\13⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\themes\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\themes\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\themes\13⤵
- System Location Discovery: System Language Discovery
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\themes\dark\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\themes\dark\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\themes\dark\14⤵
- System policy modification
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\themes\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\themes\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\themes\13⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\themes\dark\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\themes\dark\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\themes\dark\14⤵
- System policy modification
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\11⤵
- System Location Discovery: System Language Discovery
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\13⤵
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\14⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ar-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ar-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ar-ae\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ca-es\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ca-es\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ca-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\cs-cz\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\cs-cz\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\cs-cz\15⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\da-dk\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\da-dk\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\da-dk\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\de-de\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\de-de\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\de-de\15⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-ae\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-gb\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-gb\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-gb\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-il\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-il\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-il\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\es-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\es-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\es-es\15⤵
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\eu-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\eu-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\eu-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fi-fi\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fi-fi\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fi-fi\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fr-fr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fr-fr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fr-fr\15⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fr-ma\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fr-ma\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fr-ma\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\he-il\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\he-il\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\he-il\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\hr-hr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\hr-hr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\hr-hr\15⤵
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\hu-hu\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\hu-hu\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\hu-hu\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\it-it\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\it-it\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\it-it\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ja-jp\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ja-jp\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ja-jp\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ko-kr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ko-kr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ko-kr\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\nb-no\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\nb-no\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\nb-no\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\nl-nl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\nl-nl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\nl-nl\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\pl-pl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\pl-pl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\pl-pl\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\pt-br\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\pt-br\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\pt-br\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\root\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\root\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\root\15⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ro-ro\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ro-ro\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ro-ro\15⤵
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ru-ru\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ru-ru\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ru-ru\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sk-sk\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sk-sk\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sk-sk\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sl-si\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sl-si\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sl-si\15⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sl-sl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sl-sl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sl-sl\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sv-se\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sv-se\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sv-se\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\tr-tr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\tr-tr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\tr-tr\15⤵
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\uk-ua\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\uk-ua\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\uk-ua\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\zh-cn\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\zh-cn\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\zh-cn\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\zh-tw\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\zh-tw\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\zh-tw\15⤵
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app-api\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app-api\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app-api\12⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app-api\dev\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app-api\dev\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app-api\dev\13⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\14⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ar-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ar-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ar-ae\15⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ca-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ca-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ca-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\cs-cz\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\cs-cz\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\cs-cz\15⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\da-dk\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\da-dk\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\da-dk\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\de-de\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\de-de\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\de-de\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-ae\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-gb\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-gb\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-gb\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-il\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-il\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-il\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\es-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\es-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\es-es\15⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\eu-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\eu-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\eu-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fi-fi\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fi-fi\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fi-fi\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fr-fr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fr-fr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fr-fr\15⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fr-ma\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fr-ma\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fr-ma\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\he-il\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\he-il\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\he-il\15⤵
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\hr-hr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\hr-hr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\hr-hr\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\hu-hu\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\hu-hu\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\hu-hu\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\it-it\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\it-it\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\it-it\15⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ja-jp\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ja-jp\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ja-jp\15⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ko-kr\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ko-kr\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ko-kr\15⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\nb-no\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\nb-no\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\nb-no\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\nl-nl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\nl-nl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\nl-nl\15⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\pl-pl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\pl-pl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\pl-pl\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\pt-br\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\pt-br\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\pt-br\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\root\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\root\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\root\15⤵
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ro-ro\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ro-ro\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ro-ro\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ru-ru\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ru-ru\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ru-ru\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\sk-sk\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\sk-sk\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\sk-sk\15⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\sl-si\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\sl-si\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\sl-si\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\sl-sl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\sl-sl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\sl-sl\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\sv-se\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\sv-se\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\sv-se\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\tr-tr\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\tr-tr\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\tr-tr\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\uk-ua\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\uk-ua\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\uk-ua\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\zh-cn\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\zh-cn\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\zh-cn\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\zh-tw\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\zh-tw\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\zh-tw\15⤵
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\13⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\14⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ar-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ar-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ar-ae\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ca-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ca-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ca-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\cs-cz\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\cs-cz\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\cs-cz\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\da-dk\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\da-dk\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\da-dk\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\de-de\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\de-de\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\de-de\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-ae\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-gb\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-gb\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-gb\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-il\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-il\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-il\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\es-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\es-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\es-es\15⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\eu-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\eu-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\eu-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fi-fi\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fi-fi\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fi-fi\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fr-fr\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fr-fr\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fr-fr\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fr-ma\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fr-ma\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fr-ma\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\he-il\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\he-il\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\he-il\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\hr-hr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\hr-hr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\hr-hr\15⤵
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\hu-hu\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\hu-hu\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\hu-hu\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\it-it\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\it-it\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\it-it\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ja-jp\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ja-jp\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ja-jp\15⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ko-kr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ko-kr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ko-kr\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\nb-no\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\nb-no\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\nb-no\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\nl-nl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\nl-nl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\nl-nl\15⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\pl-pl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\pl-pl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\pl-pl\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\pt-br\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\pt-br\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\pt-br\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\root\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\root\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\root\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ro-ro\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ro-ro\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ro-ro\15⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ru-ru\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ru-ru\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ru-ru\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\sk-sk\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\sk-sk\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\sk-sk\15⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\sl-si\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\sl-si\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\sl-si\15⤵
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\sl-sl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\sl-sl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\sl-sl\15⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\sv-se\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\sv-se\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\sv-se\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\tr-tr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\tr-tr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\tr-tr\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\uk-ua\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\uk-ua\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\uk-ua\15⤵
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\zh-cn\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\zh-cn\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\zh-cn\15⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\zh-tw\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\zh-tw\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\zh-tw\15⤵
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\jquery.ui.touch-punch\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\jquery.ui.touch-punch\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\jquery.ui.touch-punch\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\jquery.ui.touch-punch\0.2.2\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\jquery.ui.touch-punch\0.2.2\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\jquery.ui.touch-punch\0.2.2\14⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\require\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\require\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\require\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\require\2.1.15\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\require\2.1.15\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\require\2.1.15\14⤵
- System policy modification
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\misc\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\misc\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\misc\12⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\css\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\css\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\css\14⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\images\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\images\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\images\14⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\14⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\15⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ar-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ar-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ar-ae\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ca-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ca-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ca-es\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\cs-cz\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\cs-cz\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\cs-cz\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\da-dk\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\da-dk\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\da-dk\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\de-de\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\de-de\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\de-de\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\en-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\en-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\en-ae\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\en-gb\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\en-gb\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\en-gb\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\en-il\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\en-il\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\en-il\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\es-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\es-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\es-es\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\eu-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\eu-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\eu-es\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\fi-fi\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\fi-fi\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\fi-fi\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\fr-fr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\fr-fr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\fr-fr\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\fr-ma\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\fr-ma\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\fr-ma\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\he-il\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\he-il\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\he-il\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\hr-hr\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\hr-hr\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\hr-hr\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\hu-hu\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\hu-hu\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\hu-hu\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\it-it\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\it-it\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\it-it\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ja-jp\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ja-jp\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ja-jp\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ko-kr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ko-kr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ko-kr\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\nb-no\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\nb-no\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\nb-no\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\nl-nl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\nl-nl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\nl-nl\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\pl-pl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\pl-pl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\pl-pl\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\pt-br\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\pt-br\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\pt-br\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\root\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\root\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\root\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ro-ro\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ro-ro\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ro-ro\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ru-ru\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ru-ru\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ru-ru\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\sk-sk\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\sk-sk\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\sk-sk\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\sl-si\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\sl-si\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\sl-si\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\sl-sl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\sl-sl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\sl-sl\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\sv-se\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\sv-se\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\sv-se\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\tr-tr\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\tr-tr\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\tr-tr\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\uk-ua\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\uk-ua\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\uk-ua\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\zh-cn\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\zh-cn\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\zh-cn\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\zh-tw\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\zh-tw\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\zh-tw\16⤵
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\css\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\css\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\css\14⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\14⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\15⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\dark\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\dark\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\dark\16⤵
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\14⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\15⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\ar-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\ar-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\ar-ae\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\ca-es\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\ca-es\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\ca-es\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\cs-cz\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\cs-cz\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\cs-cz\16⤵
-
-
-
-
-
-
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\7⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\8⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\PFM\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\PFM\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\PFM\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\SaslPrep\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\SaslPrep\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\SaslPrep\8⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\8⤵
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\9⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\ICU\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\ICU\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\ICU\10⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\10⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Adobe\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Adobe\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Adobe\11⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Mac\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Mac\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Mac\11⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\win\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\win\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\win\11⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\7⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\8⤵
-
-
-
-
-
C:\Program Files (x86)\Common Files\backup.exe"C:\Program Files (x86)\Common Files\backup.exe" C:\Program Files (x86)\Common Files\5⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Common Files\Adobe\backup.exe"C:\Program Files (x86)\Common Files\Adobe\backup.exe" C:\Program Files (x86)\Common Files\Adobe\6⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Common Files\Adobe\Acrobat\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Acrobat\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Acrobat\7⤵
- Drops file in Program Files directory
-
-
C:\Program Files (x86)\Common Files\Adobe\ARM\backup.exe"C:\Program Files (x86)\Common Files\Adobe\ARM\backup.exe" C:\Program Files (x86)\Common Files\Adobe\ARM\7⤵
- System policy modification
-
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\backup.exe"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\backup.exe" C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\8⤵
-
-
-
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\backup.exe"C:\Program Files (x86)\Common Files\Adobe\HelpCfg\backup.exe" C:\Program Files (x86)\Common Files\Adobe\HelpCfg\7⤵
-
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\en_US\backup.exe"C:\Program Files (x86)\Common Files\Adobe\HelpCfg\en_US\backup.exe" C:\Program Files (x86)\Common Files\Adobe\HelpCfg\en_US\8⤵
-
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\7⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\8⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\9⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\System Restore.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\System Restore.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\10⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\10⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Adobe\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Adobe\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Adobe\11⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\11⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\12⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\13⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_CA\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_CA\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_CA\14⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_GB\System Restore.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_GB\System Restore.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_GB\14⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_US\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_US\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_US\14⤵
-
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\13⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_CA\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_CA\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_CA\14⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_GB\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_GB\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_GB\14⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_US\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_US\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_US\14⤵
-
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\13⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_CA\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_CA\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_CA\14⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_GB\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_GB\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_GB\14⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_US\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_US\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_US\14⤵
-
-
-
-
-
-
-
-
-
-
C:\Program Files (x86)\Common Files\Java\backup.exe"C:\Program Files (x86)\Common Files\Java\backup.exe" C:\Program Files (x86)\Common Files\Java\6⤵
-
C:\Program Files (x86)\Common Files\Java\Java Update\backup.exe"C:\Program Files (x86)\Common Files\Java\Java Update\backup.exe" C:\Program Files (x86)\Common Files\Java\Java Update\7⤵
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\6⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\7⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\Filters\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\Filters\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\Filters\7⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\7⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\de-DE\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\de-DE\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\de-DE\8⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\en-US\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\en-US\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\en-US\8⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\es-ES\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\es-ES\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\es-ES\8⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\fr-FR\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\fr-FR\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\fr-FR\8⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\HWRCustomization\8⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\it-IT\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\it-IT\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\it-IT\8⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\ja-JP\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\ja-JP\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\ja-JP\8⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\uk-UA\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\uk-UA\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\uk-UA\8⤵
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\7⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\PublicAssemblies\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\PublicAssemblies\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\PublicAssemblies\8⤵
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\7⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\en-US\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\en-US\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\en-US\8⤵
- Modifies visibility of file extensions in Explorer
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\Stationery\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\Stationery\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\Stationery\7⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\7⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\en-US\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\en-US\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\en-US\8⤵
- System policy modification
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\Triedit\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\Triedit\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\Triedit\7⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\Triedit\en-US\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\Triedit\en-US\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\Triedit\en-US\8⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VC\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VC\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VC\7⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\7⤵
- Modifies visibility of file extensions in Explorer
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\data.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\data.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\7⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\AppInfoDocument\update.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\AppInfoDocument\update.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\AppInfoDocument\8⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\data.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\data.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\9⤵
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\8⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\9⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInViews\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInViews\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInViews\9⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\9⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\9⤵
- Modifies visibility of file extensions in Explorer
-
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\7⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\8⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\9⤵
-
-
-
-
-
C:\Program Files (x86)\Common Files\Oracle\backup.exe"C:\Program Files (x86)\Common Files\Oracle\backup.exe" C:\Program Files (x86)\Common Files\Oracle\6⤵
-
C:\Program Files (x86)\Common Files\Oracle\Java\backup.exe"C:\Program Files (x86)\Common Files\Oracle\Java\backup.exe" C:\Program Files (x86)\Common Files\Oracle\Java\7⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\backup.exe"C:\Program Files (x86)\Common Files\Oracle\Java\javapath\backup.exe" C:\Program Files (x86)\Common Files\Oracle\Java\javapath\8⤵
-
-
-
-
C:\Program Files (x86)\Common Files\Services\backup.exe"C:\Program Files (x86)\Common Files\Services\backup.exe" C:\Program Files (x86)\Common Files\Services\6⤵
-
-
C:\Program Files (x86)\Common Files\System\backup.exe"C:\Program Files (x86)\Common Files\System\backup.exe" C:\Program Files (x86)\Common Files\System\6⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Common Files\System\ado\backup.exe"C:\Program Files (x86)\Common Files\System\ado\backup.exe" C:\Program Files (x86)\Common Files\System\ado\7⤵
-
C:\Program Files (x86)\Common Files\System\ado\de-DE\backup.exe"C:\Program Files (x86)\Common Files\System\ado\de-DE\backup.exe" C:\Program Files (x86)\Common Files\System\ado\de-DE\8⤵
- System Location Discovery: System Language Discovery
- System policy modification
-
-
C:\Program Files (x86)\Common Files\System\ado\en-US\backup.exe"C:\Program Files (x86)\Common Files\System\ado\en-US\backup.exe" C:\Program Files (x86)\Common Files\System\ado\en-US\8⤵
-
-
C:\Program Files (x86)\Common Files\System\ado\es-ES\backup.exe"C:\Program Files (x86)\Common Files\System\ado\es-ES\backup.exe" C:\Program Files (x86)\Common Files\System\ado\es-ES\8⤵
- System policy modification
-
-
C:\Program Files (x86)\Common Files\System\ado\fr-FR\backup.exe"C:\Program Files (x86)\Common Files\System\ado\fr-FR\backup.exe" C:\Program Files (x86)\Common Files\System\ado\fr-FR\8⤵
-
-
C:\Program Files (x86)\Common Files\System\ado\it-IT\backup.exe"C:\Program Files (x86)\Common Files\System\ado\it-IT\backup.exe" C:\Program Files (x86)\Common Files\System\ado\it-IT\8⤵
-
-
C:\Program Files (x86)\Common Files\System\ado\ja-JP\backup.exe"C:\Program Files (x86)\Common Files\System\ado\ja-JP\backup.exe" C:\Program Files (x86)\Common Files\System\ado\ja-JP\8⤵
-
-
-
C:\Program Files (x86)\Common Files\System\de-DE\backup.exe"C:\Program Files (x86)\Common Files\System\de-DE\backup.exe" C:\Program Files (x86)\Common Files\System\de-DE\7⤵
-
-
C:\Program Files (x86)\Common Files\System\en-US\data.exe"C:\Program Files (x86)\Common Files\System\en-US\data.exe" C:\Program Files (x86)\Common Files\System\en-US\7⤵
-
-
C:\Program Files (x86)\Common Files\System\es-ES\backup.exe"C:\Program Files (x86)\Common Files\System\es-ES\backup.exe" C:\Program Files (x86)\Common Files\System\es-ES\7⤵
-
-
C:\Program Files (x86)\Common Files\System\fr-FR\update.exe"C:\Program Files (x86)\Common Files\System\fr-FR\update.exe" C:\Program Files (x86)\Common Files\System\fr-FR\7⤵
-
-
C:\Program Files (x86)\Common Files\System\it-IT\backup.exe"C:\Program Files (x86)\Common Files\System\it-IT\backup.exe" C:\Program Files (x86)\Common Files\System\it-IT\7⤵
-
-
C:\Program Files (x86)\Common Files\System\ja-JP\backup.exe"C:\Program Files (x86)\Common Files\System\ja-JP\backup.exe" C:\Program Files (x86)\Common Files\System\ja-JP\7⤵
-
-
C:\Program Files (x86)\Common Files\System\msadc\backup.exe"C:\Program Files (x86)\Common Files\System\msadc\backup.exe" C:\Program Files (x86)\Common Files\System\msadc\7⤵
-
C:\Program Files (x86)\Common Files\System\msadc\de-DE\backup.exe"C:\Program Files (x86)\Common Files\System\msadc\de-DE\backup.exe" C:\Program Files (x86)\Common Files\System\msadc\de-DE\8⤵
-
-
C:\Program Files (x86)\Common Files\System\msadc\en-US\backup.exe"C:\Program Files (x86)\Common Files\System\msadc\en-US\backup.exe" C:\Program Files (x86)\Common Files\System\msadc\en-US\8⤵
-
-
C:\Program Files (x86)\Common Files\System\msadc\es-ES\backup.exe"C:\Program Files (x86)\Common Files\System\msadc\es-ES\backup.exe" C:\Program Files (x86)\Common Files\System\msadc\es-ES\8⤵
-
-
C:\Program Files (x86)\Common Files\System\msadc\fr-FR\backup.exe"C:\Program Files (x86)\Common Files\System\msadc\fr-FR\backup.exe" C:\Program Files (x86)\Common Files\System\msadc\fr-FR\8⤵
-
-
C:\Program Files (x86)\Common Files\System\msadc\it-IT\data.exe"C:\Program Files (x86)\Common Files\System\msadc\it-IT\data.exe" C:\Program Files (x86)\Common Files\System\msadc\it-IT\8⤵
-
-
C:\Program Files (x86)\Common Files\System\msadc\ja-JP\backup.exe"C:\Program Files (x86)\Common Files\System\msadc\ja-JP\backup.exe" C:\Program Files (x86)\Common Files\System\msadc\ja-JP\8⤵
-
-
-
C:\Program Files (x86)\Common Files\System\Ole DB\backup.exe"C:\Program Files (x86)\Common Files\System\Ole DB\backup.exe" C:\Program Files (x86)\Common Files\System\Ole DB\7⤵
-
C:\Program Files (x86)\Common Files\System\Ole DB\de-DE\backup.exe"C:\Program Files (x86)\Common Files\System\Ole DB\de-DE\backup.exe" C:\Program Files (x86)\Common Files\System\Ole DB\de-DE\8⤵
-
-
C:\Program Files (x86)\Common Files\System\Ole DB\en-US\backup.exe"C:\Program Files (x86)\Common Files\System\Ole DB\en-US\backup.exe" C:\Program Files (x86)\Common Files\System\Ole DB\en-US\8⤵
-
-
C:\Program Files (x86)\Common Files\System\Ole DB\es-ES\backup.exe"C:\Program Files (x86)\Common Files\System\Ole DB\es-ES\backup.exe" C:\Program Files (x86)\Common Files\System\Ole DB\es-ES\8⤵
-
-
C:\Program Files (x86)\Common Files\System\Ole DB\fr-FR\backup.exe"C:\Program Files (x86)\Common Files\System\Ole DB\fr-FR\backup.exe" C:\Program Files (x86)\Common Files\System\Ole DB\fr-FR\8⤵
-
-
C:\Program Files (x86)\Common Files\System\Ole DB\it-IT\backup.exe"C:\Program Files (x86)\Common Files\System\Ole DB\it-IT\backup.exe" C:\Program Files (x86)\Common Files\System\Ole DB\it-IT\8⤵
-
-
C:\Program Files (x86)\Common Files\System\Ole DB\ja-JP\backup.exe"C:\Program Files (x86)\Common Files\System\Ole DB\ja-JP\backup.exe" C:\Program Files (x86)\Common Files\System\Ole DB\ja-JP\8⤵
-
-
-
C:\Program Files (x86)\Common Files\System\uk-UA\backup.exe"C:\Program Files (x86)\Common Files\System\uk-UA\backup.exe" C:\Program Files (x86)\Common Files\System\uk-UA\7⤵
-
-
-
-
C:\Program Files (x86)\Google\data.exe"C:\Program Files (x86)\Google\data.exe" C:\Program Files (x86)\Google\5⤵
-
C:\Program Files (x86)\Google\Temp\backup.exe"C:\Program Files (x86)\Google\Temp\backup.exe" C:\Program Files (x86)\Google\Temp\6⤵
-
-
C:\Program Files (x86)\Google\Update\backup.exe"C:\Program Files (x86)\Google\Update\backup.exe" C:\Program Files (x86)\Google\Update\6⤵
-
C:\Program Files (x86)\Google\Update\1.3.36.371\backup.exe"C:\Program Files (x86)\Google\Update\1.3.36.371\backup.exe" C:\Program Files (x86)\Google\Update\1.3.36.371\7⤵
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Google\Update\Download\backup.exe"C:\Program Files (x86)\Google\Update\Download\backup.exe" C:\Program Files (x86)\Google\Update\Download\7⤵
-
C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\backup.exe"C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\backup.exe" C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\8⤵
-
C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\123.0.6312.123\backup.exe"C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\123.0.6312.123\backup.exe" C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\123.0.6312.123\9⤵
-
-
-
-
C:\Program Files (x86)\Google\Update\Install\backup.exe"C:\Program Files (x86)\Google\Update\Install\backup.exe" C:\Program Files (x86)\Google\Update\Install\7⤵
-
C:\Program Files (x86)\Google\Update\Install\{D9F0045F-21F2-4700-8EFC-E6B49ABA2A8A}\backup.exe"C:\Program Files (x86)\Google\Update\Install\{D9F0045F-21F2-4700-8EFC-E6B49ABA2A8A}\backup.exe" C:\Program Files (x86)\Google\Update\Install\{D9F0045F-21F2-4700-8EFC-E6B49ABA2A8A}\8⤵
-
-
-
C:\Program Files (x86)\Google\Update\Offline\backup.exe"C:\Program Files (x86)\Google\Update\Offline\backup.exe" C:\Program Files (x86)\Google\Update\Offline\7⤵
-
-
-
-
C:\Program Files (x86)\Internet Explorer\backup.exe"C:\Program Files (x86)\Internet Explorer\backup.exe" C:\Program Files (x86)\Internet Explorer\5⤵
-
C:\Program Files (x86)\Internet Explorer\de-DE\backup.exe"C:\Program Files (x86)\Internet Explorer\de-DE\backup.exe" C:\Program Files (x86)\Internet Explorer\de-DE\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\en-US\backup.exe"C:\Program Files (x86)\Internet Explorer\en-US\backup.exe" C:\Program Files (x86)\Internet Explorer\en-US\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\es-ES\backup.exe"C:\Program Files (x86)\Internet Explorer\es-ES\backup.exe" C:\Program Files (x86)\Internet Explorer\es-ES\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\fr-FR\backup.exe"C:\Program Files (x86)\Internet Explorer\fr-FR\backup.exe" C:\Program Files (x86)\Internet Explorer\fr-FR\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\images\backup.exe"C:\Program Files (x86)\Internet Explorer\images\backup.exe" C:\Program Files (x86)\Internet Explorer\images\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\it-IT\backup.exe"C:\Program Files (x86)\Internet Explorer\it-IT\backup.exe" C:\Program Files (x86)\Internet Explorer\it-IT\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\ja-JP\update.exe"C:\Program Files (x86)\Internet Explorer\ja-JP\update.exe" C:\Program Files (x86)\Internet Explorer\ja-JP\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\SIGNUP\backup.exe"C:\Program Files (x86)\Internet Explorer\SIGNUP\backup.exe" C:\Program Files (x86)\Internet Explorer\SIGNUP\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\uk-UA\backup.exe"C:\Program Files (x86)\Internet Explorer\uk-UA\backup.exe" C:\Program Files (x86)\Internet Explorer\uk-UA\6⤵
-
-
-
C:\Program Files (x86)\Microsoft\backup.exe"C:\Program Files (x86)\Microsoft\backup.exe" C:\Program Files (x86)\Microsoft\5⤵
-
C:\Program Files (x86)\Microsoft\Edge\backup.exe"C:\Program Files (x86)\Microsoft\Edge\backup.exe" C:\Program Files (x86)\Microsoft\Edge\6⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\7⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\System Restore.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\System Restore.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\8⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\9⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\x64\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\x64\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\x64\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\x86\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\x86\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\x86\10⤵
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Extensions\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Extensions\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Extensions\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_proxy\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_proxy\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_proxy\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\System Restore.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\System Restore.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Locales\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Locales\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Locales\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\MEIPreload\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\MEIPreload\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\MEIPreload\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\MLModels\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\MLModels\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\MLModels\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Notifications\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Notifications\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Notifications\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\9⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\_platform_specific\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\_platform_specific\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\_platform_specific\10⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\_platform_specific\win_x64\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\_platform_specific\win_x64\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\_platform_specific\win_x64\11⤵
-
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\9⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Extensions\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Extensions\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Extensions\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\identity_proxy\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\identity_proxy\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\identity_proxy\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Locales\System Restore.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Locales\System Restore.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Locales\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\MEIPreload\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\MEIPreload\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\MEIPreload\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\MLModels\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\MLModels\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\MLModels\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Notifications\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Notifications\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Notifications\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\10⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\Mu\data.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\Mu\data.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\Mu\11⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\Sigma\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\Sigma\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\Sigma\11⤵
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\VisualElements\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\VisualElements\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\VisualElements\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\10⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\_platform_specific\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\_platform_specific\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\_platform_specific\11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\_platform_specific\win_x64\System Restore.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\_platform_specific\win_x64\System Restore.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\_platform_specific\win_x64\12⤵
-
-
-
-
-
-
-
-
-
-
C:\Users\backup.exeC:\Users\backup.exe C:\Users\4⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\backup.exeC:\Users\Admin\backup.exe C:\Users\Admin\5⤵
-
C:\Users\Admin\3D Objects\backup.exe"C:\Users\Admin\3D Objects\backup.exe" C:\Users\Admin\3D Objects\6⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Users\Admin\Contacts\backup.exeC:\Users\Admin\Contacts\backup.exe C:\Users\Admin\Contacts\6⤵
-
-
C:\Users\Admin\Desktop\backup.exeC:\Users\Admin\Desktop\backup.exe C:\Users\Admin\Desktop\6⤵
-
-
C:\Users\Admin\Documents\backup.exeC:\Users\Admin\Documents\backup.exe C:\Users\Admin\Documents\6⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\Documents\OneNote Notebooks\backup.exe"C:\Users\Admin\Documents\OneNote Notebooks\backup.exe" C:\Users\Admin\Documents\OneNote Notebooks\7⤵
-
C:\Users\Admin\Documents\OneNote Notebooks\My Notebook\backup.exe"C:\Users\Admin\Documents\OneNote Notebooks\My Notebook\backup.exe" C:\Users\Admin\Documents\OneNote Notebooks\My Notebook\8⤵
-
-
-
-
C:\Users\Admin\Downloads\backup.exeC:\Users\Admin\Downloads\backup.exe C:\Users\Admin\Downloads\6⤵
- System Location Discovery: System Language Discovery
-
-
C:\Users\Admin\Favorites\backup.exeC:\Users\Admin\Favorites\backup.exe C:\Users\Admin\Favorites\6⤵
-
-
C:\Users\Admin\Links\backup.exeC:\Users\Admin\Links\backup.exe C:\Users\Admin\Links\6⤵
- System Location Discovery: System Language Discovery
- System policy modification
-
-
C:\Users\Admin\Music\backup.exeC:\Users\Admin\Music\backup.exe C:\Users\Admin\Music\6⤵
- System policy modification
-
-
C:\Users\Admin\OneDrive\backup.exeC:\Users\Admin\OneDrive\backup.exe C:\Users\Admin\OneDrive\6⤵
-
-
C:\Users\Admin\Pictures\backup.exeC:\Users\Admin\Pictures\backup.exe C:\Users\Admin\Pictures\6⤵
-
C:\Users\Admin\Pictures\Camera Roll\backup.exe"C:\Users\Admin\Pictures\Camera Roll\backup.exe" C:\Users\Admin\Pictures\Camera Roll\7⤵
-
-
C:\Users\Admin\Pictures\Saved Pictures\backup.exe"C:\Users\Admin\Pictures\Saved Pictures\backup.exe" C:\Users\Admin\Pictures\Saved Pictures\7⤵
- System policy modification
-
-
-
C:\Users\Admin\Saved Games\backup.exe"C:\Users\Admin\Saved Games\backup.exe" C:\Users\Admin\Saved Games\6⤵
-
-
C:\Users\Admin\Searches\backup.exeC:\Users\Admin\Searches\backup.exe C:\Users\Admin\Searches\6⤵
-
-
C:\Users\Admin\Videos\backup.exeC:\Users\Admin\Videos\backup.exe C:\Users\Admin\Videos\6⤵
-
-
-
C:\Users\Public\update.exeC:\Users\Public\update.exe C:\Users\Public\5⤵
-
C:\Users\Public\Documents\backup.exeC:\Users\Public\Documents\backup.exe C:\Users\Public\Documents\6⤵
-
-
C:\Users\Public\Downloads\backup.exeC:\Users\Public\Downloads\backup.exe C:\Users\Public\Downloads\6⤵
-
-
C:\Users\Public\Music\backup.exeC:\Users\Public\Music\backup.exe C:\Users\Public\Music\6⤵
-
-
C:\Users\Public\Pictures\backup.exeC:\Users\Public\Pictures\backup.exe C:\Users\Public\Pictures\6⤵
-
-
C:\Users\Public\Videos\backup.exeC:\Users\Public\Videos\backup.exe C:\Users\Public\Videos\6⤵
-
-
-
-
C:\Windows\backup.exeC:\Windows\backup.exe C:\Windows\4⤵
- Drops file in Windows directory
-
C:\Windows\addins\backup.exeC:\Windows\addins\backup.exe C:\Windows\addins\5⤵
-
-
C:\Windows\appcompat\backup.exeC:\Windows\appcompat\backup.exe C:\Windows\appcompat\5⤵
- Drops file in Windows directory
-
C:\Windows\appcompat\appraiser\backup.exeC:\Windows\appcompat\appraiser\backup.exe C:\Windows\appcompat\appraiser\6⤵
- Drops file in Windows directory
-
C:\Windows\appcompat\appraiser\Telemetry\backup.exeC:\Windows\appcompat\appraiser\Telemetry\backup.exe C:\Windows\appcompat\appraiser\Telemetry\7⤵
-
-
-
C:\Windows\appcompat\encapsulation\backup.exeC:\Windows\appcompat\encapsulation\backup.exe C:\Windows\appcompat\encapsulation\6⤵
-
-
C:\Windows\appcompat\Programs\backup.exeC:\Windows\appcompat\Programs\backup.exe C:\Windows\appcompat\Programs\6⤵
- System policy modification
-
-
-
C:\Windows\apppatch\backup.exeC:\Windows\apppatch\backup.exe C:\Windows\apppatch\5⤵
- Drops file in Windows directory
-
C:\Windows\apppatch\AppPatch64\backup.exeC:\Windows\apppatch\AppPatch64\backup.exe C:\Windows\apppatch\AppPatch64\6⤵
-
-
C:\Windows\apppatch\Custom\backup.exeC:\Windows\apppatch\Custom\backup.exe C:\Windows\apppatch\Custom\6⤵
- Drops file in Windows directory
-
C:\Windows\apppatch\Custom\Custom64\backup.exeC:\Windows\apppatch\Custom\Custom64\backup.exe C:\Windows\apppatch\Custom\Custom64\7⤵
-
-
-
C:\Windows\apppatch\CustomSDB\backup.exeC:\Windows\apppatch\CustomSDB\backup.exe C:\Windows\apppatch\CustomSDB\6⤵
-
-
C:\Windows\apppatch\de-DE\System Restore.exe"C:\Windows\apppatch\de-DE\System Restore.exe" C:\Windows\apppatch\de-DE\6⤵
-
-
C:\Windows\apppatch\en-US\backup.exeC:\Windows\apppatch\en-US\backup.exe C:\Windows\apppatch\en-US\6⤵
-
-
C:\Windows\apppatch\es-ES\backup.exeC:\Windows\apppatch\es-ES\backup.exe C:\Windows\apppatch\es-ES\6⤵
-
-
C:\Windows\apppatch\fr-FR\backup.exeC:\Windows\apppatch\fr-FR\backup.exe C:\Windows\apppatch\fr-FR\6⤵
-
-
C:\Windows\apppatch\it-IT\data.exeC:\Windows\apppatch\it-IT\data.exe C:\Windows\apppatch\it-IT\6⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\apppatch\ja-JP\backup.exeC:\Windows\apppatch\ja-JP\backup.exe C:\Windows\apppatch\ja-JP\6⤵
-
-
-
C:\Windows\AppReadiness\backup.exeC:\Windows\AppReadiness\backup.exe C:\Windows\AppReadiness\5⤵
-
-
C:\Windows\assembly\backup.exeC:\Windows\assembly\backup.exe C:\Windows\assembly\5⤵
- Drops file in Windows directory
-
C:\Windows\assembly\GAC\backup.exeC:\Windows\assembly\GAC\backup.exe C:\Windows\assembly\GAC\6⤵
- Drops file in Windows directory
-
C:\Windows\assembly\GAC\ADODB\backup.exeC:\Windows\assembly\GAC\ADODB\backup.exe C:\Windows\assembly\GAC\ADODB\7⤵
- Drops file in Windows directory
-
C:\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC\Extensibility\backup.exeC:\Windows\assembly\GAC\Extensibility\backup.exe C:\Windows\assembly\GAC\Extensibility\7⤵
- Drops file in Windows directory
-
C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC\Microsoft.mshtml\backup.exeC:\Windows\assembly\GAC\Microsoft.mshtml\backup.exe C:\Windows\assembly\GAC\Microsoft.mshtml\7⤵
- Drops file in Windows directory
-
C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC\Microsoft.StdFormat\data.exeC:\Windows\assembly\GAC\Microsoft.StdFormat\data.exe C:\Windows\assembly\GAC\Microsoft.StdFormat\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Windows directory
- System policy modification
-
C:\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\8⤵
- Modifies visibility of file extensions in Explorer
-
-
-
C:\Windows\assembly\GAC\mscomctl\backup.exeC:\Windows\assembly\GAC\mscomctl\backup.exe C:\Windows\assembly\GAC\mscomctl\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Windows directory
-
C:\Windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC\MSDATASRC\backup.exeC:\Windows\assembly\GAC\MSDATASRC\backup.exe C:\Windows\assembly\GAC\MSDATASRC\7⤵
- Drops file in Windows directory
-
C:\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC\stdole\backup.exeC:\Windows\assembly\GAC\stdole\backup.exe C:\Windows\assembly\GAC\stdole\7⤵
- Drops file in Windows directory
-
C:\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\8⤵
- System Location Discovery: System Language Discovery
-
-
-
-
C:\Windows\assembly\GAC_32\backup.exeC:\Windows\assembly\GAC_32\backup.exe C:\Windows\assembly\GAC_32\6⤵
- Drops file in Windows directory
- System policy modification
-
C:\Windows\assembly\GAC_32\CustomMarshalers\backup.exeC:\Windows\assembly\GAC_32\CustomMarshalers\backup.exe C:\Windows\assembly\GAC_32\CustomMarshalers\7⤵
- Drops file in Windows directory
-
C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\update.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\update.exe C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_32\ISymWrapper\backup.exeC:\Windows\assembly\GAC_32\ISymWrapper\backup.exe C:\Windows\assembly\GAC_32\ISymWrapper\7⤵
- Drops file in Windows directory
-
C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\System Restore.exe"C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\System Restore.exe" C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_32\Microsoft.Ink\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Ink\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Ink\7⤵
- Drops file in Windows directory
-
C:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\7⤵
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
-
C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\7⤵
- Drops file in Windows directory
-
C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_32\MSBuild\backup.exeC:\Windows\assembly\GAC_32\MSBuild\backup.exe C:\Windows\assembly\GAC_32\MSBuild\7⤵
- Drops file in Windows directory
-
C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_32\mscorlib\backup.exeC:\Windows\assembly\GAC_32\mscorlib\backup.exe C:\Windows\assembly\GAC_32\mscorlib\7⤵
-
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\8⤵
-
-
-
C:\Windows\assembly\GAC_32\PresentationCore\backup.exeC:\Windows\assembly\GAC_32\PresentationCore\backup.exe C:\Windows\assembly\GAC_32\PresentationCore\7⤵
-
C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_32\srmlib\backup.exeC:\Windows\assembly\GAC_32\srmlib\backup.exe C:\Windows\assembly\GAC_32\srmlib\7⤵
-
C:\Windows\assembly\GAC_32\srmlib\1.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_32\srmlib\1.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_32\srmlib\1.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_32\System.Data\backup.exeC:\Windows\assembly\GAC_32\System.Data\backup.exe C:\Windows\assembly\GAC_32\System.Data\7⤵
-
C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\8⤵
-
-
-
C:\Windows\assembly\GAC_32\System.Data.OracleClient\backup.exeC:\Windows\assembly\GAC_32\System.Data.OracleClient\backup.exe C:\Windows\assembly\GAC_32\System.Data.OracleClient\7⤵
-
C:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\update.exeC:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\update.exe C:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\8⤵
-
-
-
C:\Windows\assembly\GAC_32\System.EnterpriseServices\backup.exeC:\Windows\assembly\GAC_32\System.EnterpriseServices\backup.exe C:\Windows\assembly\GAC_32\System.EnterpriseServices\7⤵
-
C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_32\System.Printing\backup.exeC:\Windows\assembly\GAC_32\System.Printing\backup.exe C:\Windows\assembly\GAC_32\System.Printing\7⤵
-
C:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\update.exeC:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\update.exe C:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_32\System.Transactions\backup.exeC:\Windows\assembly\GAC_32\System.Transactions\backup.exe C:\Windows\assembly\GAC_32\System.Transactions\7⤵
-
C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\8⤵
-
-
-
C:\Windows\assembly\GAC_32\System.Web\backup.exeC:\Windows\assembly\GAC_32\System.Web\backup.exe C:\Windows\assembly\GAC_32\System.Web\7⤵
-
C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
-
C:\Windows\assembly\GAC_64\backup.exeC:\Windows\assembly\GAC_64\backup.exe C:\Windows\assembly\GAC_64\6⤵
-
C:\Windows\assembly\GAC_64\CustomMarshalers\backup.exeC:\Windows\assembly\GAC_64\CustomMarshalers\backup.exe C:\Windows\assembly\GAC_64\CustomMarshalers\7⤵
-
C:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_64\ISymWrapper\backup.exeC:\Windows\assembly\GAC_64\ISymWrapper\backup.exe C:\Windows\assembly\GAC_64\ISymWrapper\7⤵
-
C:\Windows\assembly\GAC_64\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_64\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_64\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_64\Microsoft.Ink\backup.exeC:\Windows\assembly\GAC_64\Microsoft.Ink\backup.exe C:\Windows\assembly\GAC_64\Microsoft.Ink\7⤵
-
C:\Windows\assembly\GAC_64\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_64\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_64\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\backup.exeC:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\backup.exe C:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\7⤵
-
C:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\backup.exeC:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\backup.exe C:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\7⤵
-
C:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\data.exeC:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\data.exe C:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_64\MSBuild\backup.exeC:\Windows\assembly\GAC_64\MSBuild\backup.exe C:\Windows\assembly\GAC_64\MSBuild\7⤵
-
C:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_64\mscorlib\backup.exeC:\Windows\assembly\GAC_64\mscorlib\backup.exe C:\Windows\assembly\GAC_64\mscorlib\7⤵
-
C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\8⤵
-
-
-
C:\Windows\assembly\GAC_64\PresentationCore\backup.exeC:\Windows\assembly\GAC_64\PresentationCore\backup.exe C:\Windows\assembly\GAC_64\PresentationCore\7⤵
-
C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_64\srmlib\backup.exeC:\Windows\assembly\GAC_64\srmlib\backup.exe C:\Windows\assembly\GAC_64\srmlib\7⤵
-
C:\Windows\assembly\GAC_64\srmlib\1.0.0.0__31bf3856ad364e35\data.exeC:\Windows\assembly\GAC_64\srmlib\1.0.0.0__31bf3856ad364e35\data.exe C:\Windows\assembly\GAC_64\srmlib\1.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_64\System.Data\backup.exeC:\Windows\assembly\GAC_64\System.Data\backup.exe C:\Windows\assembly\GAC_64\System.Data\7⤵
-
C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\8⤵
-
-
-
C:\Windows\assembly\GAC_64\System.Data.OracleClient\backup.exeC:\Windows\assembly\GAC_64\System.Data.OracleClient\backup.exe C:\Windows\assembly\GAC_64\System.Data.OracleClient\7⤵
-
C:\Windows\assembly\GAC_64\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System Restore.exe"C:\Windows\assembly\GAC_64\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System Restore.exe" C:\Windows\assembly\GAC_64\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\8⤵
-
-
-
C:\Windows\assembly\GAC_64\System.EnterpriseServices\backup.exeC:\Windows\assembly\GAC_64\System.EnterpriseServices\backup.exe C:\Windows\assembly\GAC_64\System.EnterpriseServices\7⤵
-
C:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_64\System.Printing\backup.exeC:\Windows\assembly\GAC_64\System.Printing\backup.exe C:\Windows\assembly\GAC_64\System.Printing\7⤵
-
C:\Windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_64\System.Transactions\backup.exeC:\Windows\assembly\GAC_64\System.Transactions\backup.exe C:\Windows\assembly\GAC_64\System.Transactions\7⤵
-
C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\8⤵
-
-
-
-
-
C:\Windows\bcastdvr\backup.exeC:\Windows\bcastdvr\backup.exe C:\Windows\bcastdvr\5⤵
-
-
C:\Windows\Branding\backup.exeC:\Windows\Branding\backup.exe C:\Windows\Branding\5⤵
-
C:\Windows\Branding\Basebrd\backup.exeC:\Windows\Branding\Basebrd\backup.exe C:\Windows\Branding\Basebrd\6⤵
-
C:\Windows\Branding\Basebrd\de-DE\System Restore.exe"C:\Windows\Branding\Basebrd\de-DE\System Restore.exe" C:\Windows\Branding\Basebrd\de-DE\7⤵
-
-
C:\Windows\Branding\Basebrd\en-US\backup.exeC:\Windows\Branding\Basebrd\en-US\backup.exe C:\Windows\Branding\Basebrd\en-US\7⤵
-
-
C:\Windows\Branding\Basebrd\es-ES\System Restore.exe"C:\Windows\Branding\Basebrd\es-ES\System Restore.exe" C:\Windows\Branding\Basebrd\es-ES\7⤵
-
-
C:\Windows\Branding\Basebrd\fr-FR\backup.exeC:\Windows\Branding\Basebrd\fr-FR\backup.exe C:\Windows\Branding\Basebrd\fr-FR\7⤵
-
-
C:\Windows\Branding\Basebrd\it-IT\backup.exeC:\Windows\Branding\Basebrd\it-IT\backup.exe C:\Windows\Branding\Basebrd\it-IT\7⤵
-
-
C:\Windows\Branding\Basebrd\ja-JP\backup.exeC:\Windows\Branding\Basebrd\ja-JP\backup.exe C:\Windows\Branding\Basebrd\ja-JP\7⤵
-
-
C:\Windows\Branding\Basebrd\uk-UA\backup.exeC:\Windows\Branding\Basebrd\uk-UA\backup.exe C:\Windows\Branding\Basebrd\uk-UA\7⤵
-
-
-
C:\Windows\Branding\shellbrd\data.exeC:\Windows\Branding\shellbrd\data.exe C:\Windows\Branding\shellbrd\6⤵
-
-
-
C:\Windows\CbsTemp\backup.exeC:\Windows\CbsTemp\backup.exe C:\Windows\CbsTemp\5⤵
-
-
C:\Windows\Containers\backup.exeC:\Windows\Containers\backup.exe C:\Windows\Containers\5⤵
-
C:\Windows\Containers\serviced\backup.exeC:\Windows\Containers\serviced\backup.exe C:\Windows\Containers\serviced\6⤵
-
-
-
C:\Windows\Cursors\System Restore.exe"C:\Windows\Cursors\System Restore.exe" C:\Windows\Cursors\5⤵
-
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\979371481\data.exeC:\Users\Admin\AppData\Local\Temp\979371481\data.exe C:\Users\Admin\AppData\Local\Temp\979371481\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\acrocef_low\backup.exeC:\Users\Admin\AppData\Local\Temp\acrocef_low\backup.exe C:\Users\Admin\AppData\Local\Temp\acrocef_low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exeC:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exe C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Low\backup.exeC:\Users\Admin\AppData\Local\Temp\Low\backup.exe C:\Users\Admin\AppData\Local\Temp\Low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exeC:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exe C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\OneNote\backup.exeC:\Users\Admin\AppData\Local\Temp\OneNote\backup.exe C:\Users\Admin\AppData\Local\Temp\OneNote\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\OneNote\16.0\backup.exeC:\Users\Admin\AppData\Local\Temp\OneNote\16.0\backup.exe C:\Users\Admin\AppData\Local\Temp\OneNote\16.0\3⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\OneNote\16.0\Exported\backup.exeC:\Users\Admin\AppData\Local\Temp\OneNote\16.0\Exported\backup.exe C:\Users\Admin\AppData\Local\Temp\OneNote\16.0\Exported\4⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\TCDAEDF.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDAEDF.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDAEDF.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\TCDAEE0.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDAEE0.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDAEE0.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDAF01.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDAF01.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDAF01.tmp\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDAF13.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDAF13.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDAF13.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDAF73.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDAF73.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDAF73.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDAF75.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDAF75.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDAF75.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDAF96.tmp\System Restore.exe"C:\Users\Admin\AppData\Local\Temp\TCDAF96.tmp\System Restore.exe" C:\Users\Admin\AppData\Local\Temp\TCDAF96.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDAFA8.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDAFA8.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDAFA8.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDAFAA.tmp\update.exeC:\Users\Admin\AppData\Local\Temp\TCDAFAA.tmp\update.exe C:\Users\Admin\AppData\Local\Temp\TCDAFAA.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDAFBB.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDAFBB.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDAFBB.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDAFDD.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDAFDD.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDAFDD.tmp\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB01D.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB01D.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB01D.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB07D.tmp\data.exeC:\Users\Admin\AppData\Local\Temp\TCDB07D.tmp\data.exe C:\Users\Admin\AppData\Local\Temp\TCDB07D.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB11B.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB11B.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB11B.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB14C.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB14C.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB14C.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB16D.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB16D.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB16D.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB16F.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB16F.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB16F.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB1A0.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB1A0.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB1A0.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB1E1.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB1E1.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB1E1.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB2AF.tmp\System Restore.exe"C:\Users\Admin\AppData\Local\Temp\TCDB2AF.tmp\System Restore.exe" C:\Users\Admin\AppData\Local\Temp\TCDB2AF.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB2BF.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB2BF.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB2BF.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB34E.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB34E.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB34E.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB350.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB350.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB350.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB371.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB371.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB371.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB3B2.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB3B2.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB3B2.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB421.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB421.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB421.tmp\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB4A0.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB4A0.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB4A0.tmp\2⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB4B2.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB4B2.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB4B2.tmp\2⤵
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB4C3.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB4C3.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB4C3.tmp\2⤵
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB571.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB571.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB571.tmp\2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB583.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB583.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB583.tmp\2⤵
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB68E.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB68E.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB68E.tmp\2⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB7E8.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB7E8.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB7E8.tmp\2⤵
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\TCDB848.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDB848.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDB848.tmp\2⤵
-
-
C:\Users\Admin\AppData\Local\Temp\TCDBB96.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDBB96.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDBB96.tmp\2⤵
-
-
C:\Users\Admin\AppData\Local\Temp\TCDBBC8.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDBBC8.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDBBC8.tmp\2⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Users\Admin\AppData\Local\Temp\TCDBBCA.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDBBCA.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDBBCA.tmp\2⤵
-
-
C:\Users\Admin\AppData\Local\Temp\TCDBBCB.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDBBCB.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDBBCB.tmp\2⤵
-
-
C:\Users\Admin\AppData\Local\Temp\TCDBBCD.tmp\backup.exeC:\Users\Admin\AppData\Local\Temp\TCDBBCD.tmp\backup.exe C:\Users\Admin\AppData\Local\Temp\TCDBBCD.tmp\2⤵
-
-
C:\Users\Admin\AppData\Local\Temp\VBE\backup.exeC:\Users\Admin\AppData\Local\Temp\VBE\backup.exe C:\Users\Admin\AppData\Local\Temp\VBE\2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\System32\mousocoreworker.exeC:\Windows\System32\mousocoreworker.exe -Embedding1⤵
-
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1220_none_7e21bc567c7ed16b\TiWorker.exeC:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1220_none_7e21bc567c7ed16b\TiWorker.exe -Embedding1⤵
Network
MITRE ATT&CK Enterprise v15
Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
212KB
MD52dbfa69978d113b32da8e2180237cee5
SHA1be51a090a22f1331515c84a9d9e3ee4faac56233
SHA2560dab869f525867b8c2e98830c93dc90bd1d570498989a4d9929662018af6eb25
SHA512a4c4558c40d277a9fae922dd17c9aac2d56335722657cfb0f8d7ab97cbf897f2e987e2991c96e2f2742071b859e152b49a5513f8da4b18f3ee10a6c4f8f4c7fb
-
Filesize
212KB
MD56a52aaef1a58a4181f44be9293e1e616
SHA18587e3dee3d3938316dc100dbbed906abca3d123
SHA256b4c86bec48a3e3848fab1014c022d50d1982462c619b0da477cd946aabb396d5
SHA5121cd8e329659d34978a6f7114b73a0e8454b6d9f4cc546bb50d37011347e3ac2f47b0db47089075804267eaff51266408bb34d54df392a806a133db57f4db9963
-
Filesize
212KB
MD56653c77b9a430cbe46c5fd0396735ae5
SHA1e45c49a4243e89bd5dbe2d1b276db702750ce223
SHA256c9cec74c8397c4d98990f9da7c8b09e89e879f391953d7e8eb237ceb2006767a
SHA512e2f4abb87a972a0013eb0efff79895009f33e720ece52a1de413c462a9e25022860a0e913e8cba2600932631e02ba2b5189367b4e29b6ea8595a6f1cf14d535b
-
Filesize
212KB
MD52d416b0440836e61eaab9a6c4c18dbce
SHA1b1472e2ceec6eb6c228424b8b556b69ea302a5d1
SHA2563628e44ba27d930d6345291a949f1247e23db06f205d969208c70f3e6fabe4bc
SHA512e6ea47bae0343d452086ffb88df9469cefc9a742225cb1048894673e0c1982d39a965bf9d5957b746c1fde5f3b2c7a7231a3bc64458bb4d717230dfd4a46b4d2
-
Filesize
212KB
MD57868b1443487fe776bff27dc9460bd15
SHA14b94f6a98e0530dbfb764b653057f362036e606f
SHA256568f1d3f81f1382fbefb46b20e9cd097b1fef56c50a11f399676b0cdccce48cb
SHA512ce6bf99f62e711ad9ea28476dc987e3c429213f74912e08cdc6dc0a7bae2e6947cd2e382240e7d85452474383a84afcc899d4ba76159da6a285b7e4cd06f2b16
-
Filesize
212KB
MD585b31edf748f62d1aa9cc19537db3bb6
SHA1f0cb92b5f0498e842d13b8581dc18b8546767d70
SHA25672fab283b4b851168d30ab4ea69518097a05b382744c9121c7229732ec0bb953
SHA5121a53c40d6a0dead7c5ce53c73b510369104f8df09f88ffebee6c4a2c94095b768eba23831dd32ffbf38a35eb59fb36b41b570c4723016d537df3187d8038aadb
-
Filesize
212KB
MD5774ed3400c85ed4a4aa54f7356d59413
SHA1c16c11f3b450210493c09d5a90fa004ff7415f40
SHA25603ec3d8f8b58d339012620ffef767c690010d2fc5dc331ec3bee15aeaf6559cc
SHA512d5690e226b2e258b265ca9a88f349cf911944d84f50eae30a833650a55afe343d5dfafa98c60945517557d65e79a047d9895706e9b6529886e9fd0b5afb46f83
-
Filesize
212KB
MD520c8ae4875945394db170207c8a14df1
SHA1d7daca3488efe1e1fcb80eac0b205a420ad188ac
SHA256e08bf7f1497baa6618db66700c2fea73477b9ed2621f2fdd954888a129eedb2f
SHA51244b425953ef8bee0f1e688e754bdd726767ebcfecb5a6f2b71041bee1974dd0d3011d96f6b220a5fb256a2eb47a82f24dfaa884b2c662d27f9d2df12669122bd
-
Filesize
212KB
MD5ba0b7308ceae3a0f3eb3ca9726c47ba2
SHA1e38efac6712df44e1e8c4f0720b415179256714d
SHA256c4dca95e8c5efb9a8eeb79a69e549ad95e485d00c8c72559a1465a003abe73d1
SHA512345a64cefedcd2f45b07470db2012dcead0cc4f63a3e27ff562339123f1a6d13fbb8aa21e42c8880cb8b59353d2f09bcfd8c2bd25a78be6e08e2ccd671e1a55f
-
Filesize
212KB
MD52791c001a4a1c01866fd4a106afa1006
SHA144892cdc2ceeadc70197596bb023fec340f0c50c
SHA2569c3a3c409514e642655231914fe784a811a9d95f3a3cf89160564726e5b452fe
SHA51246a56d679cc0af389d6b153dff63fc7a352127f727edabdc4832a2c569d4227c591c4c1aac56f561271e2a9d46209c55010bb5be7c4e3b499c263c15eb1ff6db
-
Filesize
22B
MD576cdb2bad9582d23c1f6f4d868218d6c
SHA1b04f3ee8f5e43fa3b162981b50bb72fe1acabb33
SHA2568739c76e681f900923b900c9df0ef75cf421d39cabb54650c4b9ad19b6a76d85
SHA5125e2f959f36b66df0580a94f384c5fc1ceeec4b2a3925f062d7b68f21758b86581ac2adcfdde73a171a28496e758ef1b23ca4951c05455cdae9357cc3b5a5825f
-
Filesize
79KB
MD5c7f2684cceddb4c197d8117961c6f19f
SHA186d351f79fddb58bc96754150397a236fc2080e7
SHA256a99d4928706be892c4d109aae36163eb1e1da0310689d25653bedd87a851f39a
SHA512535ee64f5562fb9fb0b6ae298e143a7246d674fd3e21c32af144563c39c1c80e7dd8f1f3051fb42ffc6f00f7a5452cf9a2e4a978e62574a18568052e5a172e50
-
Filesize
212KB
MD5cadd2ff96e3fa68cb14d124c508c9a0a
SHA182044030111bc9f345adf687e6aa1536177d88e5
SHA25637b809a52cebc7b35c4408d80b465fbb36ab129a02d440e3303135872c00b30b
SHA512ebcc3e3a464293818fb23b682e1bc819aadec8851d29e0e71e85d76fca398dfced080bc558b12bd25c06743c45a7b6e71826cacd5505e6e72b8b4cdd51751683
-
Filesize
212KB
MD5e24992f6bdefe48cf23329dbe156202d
SHA11bca0ab3c5eb3d65342975bbeb2942625c6c6e8a
SHA256691606e3fdfa89d70050e294f753babe939cd15a8d14a4ba1f995d18090db10d
SHA512721e660ed76000683325f8f4adb32c6e7dc94d85cb9e79a141ab5c13ec78df6ce99dc3283f91c935ca68bf59d117746fef7d471579fe2a1848e37d22797eb59e
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB
-
Filesize
256KB